x-kom hosting

Komputer wolno pracuje i szwankuje Internet

przemek980
utworzono
utworzono

Witam, bardzo bym prosił o sprawdzenie logów z programów OTL i RSIT oraz podpowiedzenie co usunąć.
Pozdrawiam

OTL
[log]OTL logfile created on: 2011-02-05 19:55:55 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Asia\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,57 Gb Total Space | 39,83 Gb Free Space | 35,70% Space Free | Partition Type: NTFS
Drive D: | 111,55 Gb Total Space | 108,52 Gb Free Space | 97,28% Space Free | Partition Type: NTFS

Computer Name: ASIA-PC | User Name: Asia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-05 19:53:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Asia\Downloads\OTL.exe
PRC - [2010-12-13 17:00:14 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-12-13 17:00:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-11-05 01:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2010-09-07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-08-25 19:45:42 | 000,266,776 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2010-08-25 19:45:40 | 000,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2010-08-25 19:45:38 | 000,179,224 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2010-08-25 19:45:36 | 000,171,032 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2010-08-17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-04-16 09:12:40 | 000,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010-02-20 18:36:13 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-08-27 15:26:02 | 001,597,832 | ---- | M] (FRISK Software International) -- C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
PRC - [2009-08-27 15:26:02 | 000,075,424 | ---- | M] (FRISK Software International) -- C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
PRC - [2009-08-19 09:53:18 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009-08-19 09:52:16 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009-08-07 03:24:04 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
PRC - [2009-06-15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-05-21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009-03-25 16:25:20 | 000,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009-03-25 16:25:20 | 000,645,328 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009-03-25 10:05:48 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009-03-23 23:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009-03-19 10:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009-03-03 03:16:04 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-02-09 13:10:14 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-02-08 23:47:38 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Asia\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009-02-08 23:31:59 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009-02-08 23:31:46 | 000,024,064 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009-01-09 10:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009-01-09 08:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2009-01-09 07:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-09-10 23:02:24 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008-06-13 22:52:52 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008-06-11 10:22:16 | 000,409,600 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008-05-14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008-05-14 17:05:22 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008-04-25 19:08:48 | 000,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008-04-25 19:08:40 | 001,049,896 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008-04-18 14:18:02 | 000,167,936 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2008-04-10 15:30:20 | 000,167,936 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008-04-10 15:30:14 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008-04-06 21:42:36 | 000,034,040 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
PRC - [2008-04-06 21:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008-04-04 02:03:14 | 000,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008-03-27 23:51:18 | 000,116,032 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
PRC - [2008-03-25 21:27:58 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2008-03-25 20:49:02 | 000,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008-03-25 20:49:00 | 000,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008-03-25 20:40:42 | 000,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2008-03-21 12:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008-03-18 20:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008-03-03 12:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008-01-21 03:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-21 03:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-21 03:34:50 | 002,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2008-01-21 03:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2008-01-21 03:34:36 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2008-01-21 03:34:32 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2008-01-21 03:33:24 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2008-01-21 03:33:22 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2008-01-21 03:33:15 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 03:32:50 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2008-01-16 17:35:02 | 000,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2007-12-06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007-10-23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007-01-17 10:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007-01-09 19:25:30 | 000,272,024 | ---- | M] () -- C:\Program Files\Cyberlink\Shared files\RichVideo.exe
PRC - [2006-11-02 10:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
PRC - [2006-10-27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006-10-26 20:24:54 | 000,098,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [1998-07-08 12:01:28 | 000,055,296 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-05 19:53:13 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Asia\Downloads\OTL.exe
MOD - [2010-08-31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2010-07-26 17:55:26 | 011,581,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-06-28 17:15:53 | 001,315,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-05-20 03:49:58 | 000,015,056 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010-04-16 17:10:45 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-07-17 15:35:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 16:24:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-04-23 13:43:04 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-02-13 09:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-02-09 13:10:12 | 000,754,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-02-09 13:02:21 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-10-21 06:25:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2008-10-16 05:47:33 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2008-01-21 03:34:50 | 001,203,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2008-01-21 03:34:50 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2008-01-21 03:34:46 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2008-01-21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-21 03:34:35 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-21 03:34:34 | 001,590,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2008-01-21 03:34:22 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2008-01-21 03:34:22 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2008-01-21 03:34:21 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-21 03:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-01-21 03:34:21 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2008-01-21 03:34:20 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2008-01-21 03:34:11 | 000,798,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2008-01-21 03:34:07 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2008-01-21 03:34:07 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-21 03:34:05 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-21 03:34:05 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2008-01-21 03:34:03 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2008-01-21 03:34:03 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2008-01-21 03:34:02 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2008-01-21 03:33:53 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2008-01-21 03:33:52 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2008-01-21 03:33:52 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2008-01-21 03:33:48 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2008-01-21 03:33:47 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2008-01-21 03:33:46 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2008-01-21 03:33:20 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2008-01-21 03:33:15 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2008-01-21 03:33:14 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-21 03:33:12 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2008-01-21 03:32:53 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-09-07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-04-16 09:12:40 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009-08-27 15:26:02 | 000,075,424 | ---- | M] (FRISK Software International) [Auto | Running] -- C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe -- (FPAVServer)
SRV - [2009-04-01 13:21:30 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009-03-25 16:25:20 | 000,797,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009-03-25 10:05:48 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009-03-23 23:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009-03-19 10:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009-02-08 23:31:46 | 000,024,064 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-080708-050100)
SRV - [2009-01-09 10:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009-01-09 08:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009-01-09 07:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2008-05-14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008-04-06 21:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008-04-04 02:03:14 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008-03-21 12:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008-03-18 20:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008-03-03 12:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-21 03:32:50 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 03:32:50 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008-01-16 17:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2007-12-06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-09-07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-09-07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-09-07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-09-07 15:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010-09-07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-08-25 19:31:30 | 009,024,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009-08-27 15:25:52 | 000,675,032 | ---- | M] (FRISK Software International) [File_System | System | Running] -- C:\Windows\System32\drivers\FPAV_RTP.sys -- (FPAV_RTP)
DRV - [2009-03-25 10:06:30 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009-03-25 10:06:28 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009-03-25 10:06:28 | 000,079,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009-03-25 10:06:28 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009-03-25 10:05:54 | 000,034,216 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008-10-23 12:08:54 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2008-08-12 13:33:38 | 000,061,440 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008-06-14 02:10:08 | 002,152,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-05-14 17:05:44 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008-05-14 17:05:42 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2008-05-14 17:05:42 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008-04-27 20:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-04-25 19:08:42 | 000,199,472 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008-04-18 14:01:24 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008-03-21 09:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008-03-01 00:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008-02-21 10:55:00 | 000,299,008 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2008-01-31 02:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008-01-31 02:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008-01-21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 03:32:51 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008-01-21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 03:32:49 | 000,030,720 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008-01-21 03:32:48 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008-01-21 03:32:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008-01-21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:32:48 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008-01-21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:32:44 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008-01-21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008-01-16 17:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2006-11-03 06:29:36 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&s=2&o=vb32&d=0209&m=aspire_5735


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&s=2&o=vb32&d=0209&m=aspire_5735
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&s=2&o=vb32&d=0209&m=aspire_5735
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1.1
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-02-08 23:55:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011-01-11 09:31:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-13 17:00:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-13 17:00:16 | 000,000,000 | ---D | M]

[2009-04-22 10:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asia\AppData\Roaming\mozilla\Extensions
[2011-02-05 19:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asia\AppData\Roaming\mozilla\Firefox\Profiles\nv95vjpi.default\extensions
[2010-06-23 10:10:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Asia\AppData\Roaming\mozilla\Firefox\Profiles\nv95vjpi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-02-04 16:09:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-01-11 09:31:52 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2010-11-12 09:26:40 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-11-12 09:26:41 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-11-12 09:26:41 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-11-12 09:26:41 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-11-12 09:26:41 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-11-12 09:26:41 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe (FRISK Software International)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe ()
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2438543876-426734136-3849193080-1000..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2438543876-426734136-3849193080-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.57.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Toco Toucan.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Toco Toucan.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4934e367-b732-11de-99c1-001d72d2e339}\Shell\AutoRun\command - "" = F:\Launcher.exe
O33 - MountPoints2\{76ae3dde-1e44-11df-8302-001d72d2e339}\Shell - "" = AutoRun
O33 - MountPoints2\{76ae3dde-1e44-11df-8302-001d72d2e339}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{87a2162f-b37b-11df-ba61-001d72d2e339}\Shell - "" = Autorun
O33 - MountPoints2\{87a2162f-b37b-11df-ba61-001d72d2e339}\Shell\AutoRun\command - "" = setup.exe
O33 - MountPoints2\{9ded13be-f64f-11dd-8d56-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9ded13be-f64f-11dd-8d56-806e6f6e6963}\Shell\AutoRun\command - "" = E:\EuroTEST.exe
O33 - MountPoints2\{af37ced7-059b-11df-9a3e-001d72d2e339}\Shell\AutoRun\command - "" = F:\Launcher.exe
O33 - MountPoints2\{ce5df4d4-8b18-11df-a48c-001d72d2e339}\Shell\AutoRun\command - "" = F:\Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^Users^Asia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: FPAVServer - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe (FRISK Software International)
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: FPAVServer - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe (FRISK Software International)
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-02-05 19:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-02-05 19:56:25 | 000,000,000 | ---D | C] -- C:\rsit
[2011-02-05 19:35:25 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011-02-05 09:21:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2011-01-28 11:09:32 | 000,000,000 | ---D | C] -- C:\Users\Asia\Desktop\Leonek 2.2.0.8 Adam
[2011-01-19 16:26:16 | 000,000,000 | ---D | C] -- C:\Users\Asia\Desktop\Biernat
[2011-01-08 11:22:02 | 000,000,000 | ---D | C] -- C:\Users\Asia\Desktop\NIERUCHOMOŚCI
[2010-12-14 10:23:23 | 000,000,000 | ---D | C] -- C:\Users\Asia\Desktop\MUZYKA
[2010-08-25 18:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2009-02-09 13:15:07 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-02-05 19:52:01 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-02-05 19:51:32 | 000,018,899 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011-02-05 19:33:18 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-02-05 19:32:12 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011-02-05 19:30:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-02-05 19:30:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-02-05 19:29:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-02-05 19:29:51 | 2072,891,392 | -HS- | M] () -- C:\hiberfil.sys
[2011-02-05 12:21:24 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempPl3016.html
[2011-02-05 11:10:45 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempoO4968.html
[2011-02-04 10:52:13 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-02-04 10:52:13 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-02-04 10:52:13 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-02-04 10:52:13 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-02-03 17:47:59 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempgV5032.html
[2011-02-03 17:05:50 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempWm5876.html
[2011-02-03 12:01:45 | 002,177,536 | ---- | M] () -- C:\Users\Asia\Desktop\Kalkulator_MP_09_04_2010.xls
[2011-02-03 12:01:25 | 000,025,867 | ---- | M] () -- C:\Users\Asia\Desktop\trans kada.xlsx
[2011-02-03 11:24:28 | 002,190,336 | ---- | M] () -- C:\Users\Asia\Documents\Kalkulator_MP_09_04_2010.xls
[2011-02-02 15:45:22 | 000,010,748 | ---- | M] () -- C:\Users\Asia\Desktop\LIST DO KLIENTÓW.docx
[2011-02-02 14:46:22 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempNX6408.html
[2011-02-01 17:12:18 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempIp2936.html
[2011-02-01 16:52:57 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempjQ2356.html
[2011-02-01 12:54:52 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempTvv864.html
[2011-02-01 10:37:37 | 000,000,000 | ---- | M] () -- C:\Users\Asia\Desktop\Oświadzczenie.docx
[2011-01-31 17:27:04 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TemplA5844.html
[2011-01-29 09:20:35 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempPm3196.html
[2011-01-27 16:33:48 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempPL2116.html
[2011-01-27 14:26:45 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempVy5168.html
[2011-01-27 13:08:57 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempTn4928.html
[2011-01-26 16:48:53 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempCW2084.html
[2011-01-26 15:44:04 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempvP4892.html
[2011-01-26 08:17:09 | 000,000,134 | ---- | M] () -- C:\Users\Asia\Desktop\Połącz z — skrót.lnk
[2011-01-25 13:23:01 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempPV2776.html
[2011-01-25 11:45:53 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempZD1492.html
[2011-01-24 17:33:17 | 000,401,312 | ---- | M] () -- C:\Users\Asia\Desktop\Toyota Yaris co gdzie i jak.docx
[2011-01-24 17:15:11 | 000,017,820 | ---- | M] () -- C:\Users\Asia\Desktop\Słoneczne dni.docx
[2011-01-24 16:55:10 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempqW2488.html
[2011-01-24 15:38:12 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempnH4204.html
[2011-01-24 12:28:30 | 000,037,888 | ---- | M] () -- C:\Users\Asia\Desktop\BHPumowa- wzor.doc
[2011-01-22 10:40:44 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempjq5012.html
[2011-01-22 10:25:59 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempltT412.html
[2011-01-22 09:16:57 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempgQ5828.html
[2011-01-20 16:48:14 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Temppi1472.html
[2011-01-20 12:41:08 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempjPg284.html
[2011-01-19 17:09:15 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempBt6416.html
[2011-01-19 14:07:50 | 000,086,046 | ---- | M] () -- C:\Users\Asia\Desktop\Potykacz.docx
[2011-01-19 13:51:00 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempQK4172.html
[2011-01-19 12:51:46 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempCd4364.html
[2011-01-19 11:44:05 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempFf4284.html
[2011-01-18 16:34:56 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempGP5700.html
[2011-01-18 15:05:30 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempMO2632.html
[2011-01-17 17:10:32 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempEc1992.html
[2011-01-14 11:19:27 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempiO1068.html
[2011-01-14 09:54:04 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempKMM484.html
[2011-01-14 09:10:33 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Temply3664.html
[2011-01-13 12:18:54 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempaf1352.html
[2011-01-13 10:23:14 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempRZ4756.html
[2011-01-13 09:40:28 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempbm4408.html
[2011-01-13 09:40:28 | 000,002,089 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempqI4408.html
[2011-01-12 13:41:43 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempAv1236.html
[2011-01-12 11:53:06 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempzK4244.html
[2011-01-10 16:52:19 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempQT1908.html
[2011-01-10 12:56:43 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempux4556.html
[2011-01-10 11:00:21 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempJo3060.html
[2011-01-08 10:33:53 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TemprtB824.html
[2011-01-06 09:21:23 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempRF4032.html
[2011-01-05 17:53:38 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Temppv5556.html
[2011-01-05 15:46:37 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempuy4804.html
[2011-01-05 14:25:18 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempua1660.html
[2011-01-04 17:57:26 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempyb4768.html
[2011-01-04 16:26:01 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempXe5772.html
[2011-01-04 15:13:19 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempuE2632.html
[2011-01-04 12:41:31 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempGD3628.html
[2011-01-04 11:17:22 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempgW1896.html
[2011-01-04 10:40:04 | 000,024,245 | ---- | M] () -- C:\Users\Asia\Desktop\Zeszyt3.xlsx
[2011-01-03 17:51:37 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempRl5872.html
[2011-01-03 12:45:41 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempve5604.html
[2011-01-03 10:43:29 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempux4024.html
[2010-12-31 10:38:49 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempRB4056.html
[2010-12-29 16:57:21 | 000,118,279 | ---- | M] () -- C:\Users\Asia\Documents\ulotka po slowacku pdf.pdf
[2010-12-29 15:49:07 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempCg2196.html
[2010-12-29 15:08:30 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempIj1400.html
[2010-12-29 11:11:44 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempbJ2620.html
[2010-12-28 12:49:49 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Tempcy1604.html
[2010-12-17 11:48:32 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempKN5760.html
[2010-12-17 09:09:33 | 000,461,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-12-14 14:48:31 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempxX5312.html
[2010-12-14 12:01:45 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempAm2568.html
[2010-12-13 13:21:45 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TemprP4592.html
[2010-12-09 12:15:21 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempXs5152.html
[2010-12-08 16:12:14 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Temptn8056.html
[2010-12-08 12:56:53 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\Temptt8048.html
[2010-12-08 10:52:22 | 000,002,432 | ---- | M] () -- C:\Users\Asia\AppData\Local\TempuuN800.html

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-05 12:14:21 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempPl3016.html
[2011-02-05 09:40:37 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempoO4968.html
[2011-02-03 17:46:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempgV5032.html
[2011-02-03 15:39:50 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempWm5876.html
[2011-02-03 12:01:30 | 002,177,536 | ---- | C] () -- C:\Users\Asia\Desktop\Kalkulator_MP_09_04_2010.xls
[2011-02-03 12:01:24 | 000,025,867 | ---- | C] () -- C:\Users\Asia\Desktop\trans kada.xlsx
[2011-02-02 14:45:08 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempNX6408.html
[2011-02-02 09:01:48 | 000,010,748 | ---- | C] () -- C:\Users\Asia\Desktop\LIST DO KLIENTÓW.docx
[2011-02-01 17:07:11 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempIp2936.html
[2011-02-01 15:10:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempjQ2356.html
[2011-02-01 12:12:42 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempTvv864.html
[2011-02-01 10:37:37 | 000,000,000 | ---- | C] () -- C:\Users\Asia\Desktop\Oświadzczenie.docx
[2011-01-31 13:41:17 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemplA5844.html
[2011-01-29 09:19:35 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempPm3196.html
[2011-01-27 16:33:22 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempPL2116.html
[2011-01-27 13:36:36 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempVy5168.html
[2011-01-27 09:08:06 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempTn4928.html
[2011-01-26 16:48:21 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempCW2084.html
[2011-01-26 11:12:18 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempvP4892.html
[2011-01-26 08:17:09 | 000,000,134 | ---- | C] () -- C:\Users\Asia\Desktop\Połącz z — skrót.lnk
[2011-01-25 13:22:28 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempPV2776.html
[2011-01-25 11:26:35 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempZD1492.html
[2011-01-24 17:14:15 | 000,017,820 | ---- | C] () -- C:\Users\Asia\Desktop\Słoneczne dni.docx
[2011-01-24 16:35:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempqW2488.html
[2011-01-24 15:19:26 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempnH4204.html
[2011-01-22 10:40:23 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempjq5012.html
[2011-01-22 10:23:38 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempltT412.html
[2011-01-22 09:14:26 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempgQ5828.html
[2011-01-20 14:33:03 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Temppi1472.html
[2011-01-20 10:15:44 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempjPg284.html
[2011-01-19 17:08:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempBt6416.html
[2011-01-19 13:10:19 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempQK4172.html
[2011-01-19 12:23:47 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempCd4364.html
[2011-01-19 10:41:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempFf4284.html
[2011-01-18 16:33:22 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempGP5700.html
[2011-01-18 15:05:59 | 000,086,046 | ---- | C] () -- C:\Users\Asia\Desktop\Potykacz.docx
[2011-01-18 12:29:47 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempMO2632.html
[2011-01-17 11:56:53 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempEc1992.html
[2011-01-14 11:18:40 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempiO1068.html
[2011-01-14 09:44:59 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempKMM484.html
[2011-01-14 09:08:30 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Temply3664.html
[2011-01-13 11:54:34 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempaf1352.html
[2011-01-13 10:22:27 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempRZ4756.html
[2011-01-13 09:39:58 | 000,401,312 | ---- | C] () -- C:\Users\Asia\Desktop\Toyota Yaris co gdzie i jak.docx
[2011-01-13 08:52:52 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempbm4408.html
[2011-01-13 08:52:52 | 000,002,089 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempqI4408.html
[2011-01-12 13:38:01 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempAv1236.html
[2011-01-12 11:50:26 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempzK4244.html
[2011-01-10 16:51:53 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempQT1908.html
[2011-01-10 12:48:07 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempux4556.html
[2011-01-10 10:59:34 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempJo3060.html
[2011-01-08 10:32:59 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemprtB824.html
[2011-01-06 09:20:15 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempRF4032.html
[2011-01-05 17:53:16 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Temppv5556.html
[2011-01-05 15:45:11 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempuy4804.html
[2011-01-05 13:58:39 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempua1660.html
[2011-01-04 17:56:58 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempyb4768.html
[2011-01-04 16:23:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempXe5772.html
[2011-01-04 14:05:45 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempuE2632.html
[2011-01-04 12:41:05 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempGD3628.html
[2011-01-04 10:40:02 | 000,024,245 | ---- | C] () -- C:\Users\Asia\Desktop\Zeszyt3.xlsx
[2011-01-04 09:37:24 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempgW1896.html
[2011-01-03 17:50:21 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempRl5872.html
[2011-01-03 11:34:58 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempve5604.html
[2011-01-03 10:41:06 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempux4024.html
[2010-12-31 10:37:30 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempRB4056.html
[2010-12-29 16:57:19 | 000,118,279 | ---- | C] () -- C:\Users\Asia\Documents\ulotka po slowacku pdf.pdf
[2010-12-29 15:48:32 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempCg2196.html
[2010-12-29 14:59:07 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempIj1400.html
[2010-12-29 11:09:08 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempbJ2620.html
[2010-12-28 12:46:24 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempcy1604.html
[2010-12-17 11:47:52 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempKN5760.html
[2010-12-14 14:47:33 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempxX5312.html
[2010-12-14 09:36:19 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempAm2568.html
[2010-12-13 13:20:43 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemprP4592.html
[2010-12-09 12:14:48 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempXs5152.html
[2010-12-08 16:11:44 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Temptn8056.html
[2010-12-08 12:49:25 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Temptt8048.html
[2010-12-08 10:42:10 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempuuN800.html
[2010-12-04 12:19:40 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempYw4552.html
[2010-12-01 14:35:52 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemprD3732.html
[2010-12-01 09:51:18 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempqe5264.html
[2010-11-29 16:08:27 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempFKV232.html
[2010-11-29 14:42:07 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempOJ3176.html
[2010-11-27 09:08:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempgP6084.html
[2010-11-26 16:21:58 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Temptn3192.html
[2010-11-26 14:45:57 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempXr5776.html
[2010-11-26 09:55:00 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempjb3572.html
[2010-11-24 19:30:35 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempFZ1524.html
[2010-11-24 19:09:57 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempoo5680.html
[2010-11-24 11:07:38 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Temprs5252.html
[2010-11-22 16:00:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempRr6636.html
[2010-11-22 13:02:38 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempub5672.html
[2010-11-22 09:49:00 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempfrG528.html
[2010-11-20 18:58:53 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempwj4244.html
[2010-11-16 15:17:55 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempLI4796.html
[2010-11-16 10:06:40 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempGu6016.html
[2010-11-16 10:06:40 | 000,002,089 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempos6016.html
[2010-11-15 16:23:25 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempgs1316.html
[2010-11-15 15:09:10 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempfr5908.html
[2010-11-15 14:34:44 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemptZ4112.html
[2010-11-15 14:34:44 | 000,002,089 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempek4112.html
[2010-11-15 09:40:39 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempPH5700.html
[2010-11-13 10:43:54 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempXh4836.html
[2010-11-13 09:11:54 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempnA4192.html
[2010-11-12 09:31:21 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempka4364.html
[2010-11-11 14:00:42 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempIO4548.html
[2010-11-10 10:43:40 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempIc5992.html
[2010-11-09 16:25:07 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempzn5892.html
[2010-11-09 09:29:25 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempqW1228.html
[2010-11-08 10:08:10 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempxb2576.html
[2010-11-08 09:37:26 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempdy4576.html
[2010-11-07 09:01:02 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemptQ3752.html
[2010-11-06 16:53:01 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Templn5592.html
[2010-11-06 16:16:55 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempxN4924.html
[2010-11-06 15:41:29 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempFS4680.html
[2010-11-06 11:09:21 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Temptu2556.html
[2010-11-06 10:28:51 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempVL5644.html
[2010-11-06 09:02:16 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempbi5432.html
[2010-11-05 12:43:52 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempgT6104.html
[2010-11-05 09:57:10 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempgJf156.html
[2010-11-04 12:55:55 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempDl4540.html
[2010-11-04 09:26:36 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempTO5136.html
[2010-11-02 19:12:44 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemplG5024.html
[2010-11-02 09:42:44 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemppC5880.html
[2010-10-31 10:44:36 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempNl2132.html
[2010-10-30 08:07:56 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempuo1404.html
[2010-10-29 15:07:55 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempyO5936.html
[2010-10-29 14:00:10 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempml5568.html
[2010-10-29 11:04:03 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempSBw572.html
[2010-10-29 09:32:37 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempYq1564.html
[2010-10-29 08:45:03 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempWh5532.html
[2010-10-28 15:16:00 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempCm5956.html
[2010-10-28 13:23:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempcT4464.html
[2010-10-28 08:02:31 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempMQ6020.html
[2010-10-27 10:57:01 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempKu6100.html
[2010-10-26 15:34:53 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempNa4020.html
[2010-10-26 13:58:06 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempRP4732.html
[2010-10-26 13:18:04 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempoo5696.html
[2010-10-26 12:19:56 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempUJ2276.html
[2010-10-26 11:23:32 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempND5476.html
[2010-10-23 15:10:03 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempdj4260.html
[2010-10-22 14:28:26 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempWy6680.html
[2010-10-22 13:08:27 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempoy6000.html
[2010-10-19 14:18:04 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempQU5020.html
[2010-10-16 10:01:59 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempsw4532.html
[2010-10-15 09:52:43 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempdh5740.html
[2010-10-14 14:37:09 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempJk3588.html
[2010-10-14 12:53:48 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemphR3836.html
[2010-10-12 15:25:01 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempqN5640.html
[2010-10-12 12:58:47 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempbq1120.html
[2010-10-11 13:03:02 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempiL2840.html
[2010-10-11 11:45:22 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempuU3084.html
[2010-10-10 12:55:46 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempeW4896.html
[2010-10-09 13:33:28 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempBi3944.html
[2010-10-09 10:10:50 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempxq7004.html
[2010-10-09 07:48:49 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemptPT736.html
[2010-10-07 08:17:17 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TempqJ4104.html
[2010-10-06 14:58:13 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemppC2968.html
[2010-10-06 12:04:45 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Temprg4364.html
[2010-10-06 12:03:15 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemprB4364.html
[2010-10-06 10:17:34 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempia3928.html
[2010-10-05 15:56:09 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\Tempgc7444.html
[2010-10-05 15:01:42 | 000,002,432 | ---- | C] () -- C:\Users\Asia\AppData\Local\TemplU6612.html
[2010-08-25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010-08-25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010-01-20 19:05:59 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-10-06 17:02:46 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-07-28 16:33:36 | 000,005,972 | ---- | C] () -- C:\Users\Asia\AppData\Local\d3d9caps.dat
[2009-05-29 13:49:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-04-12 11:55:48 | 000,000,245 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2009-02-13 11:19:21 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI
[2009-02-10 21:11:01 | 000,000,000 | ---- | C] () -- C:\Users\Asia\AppData\Roaming\wklnhst.dat
[2009-02-09 14:45:36 | 000,026,340 | ---- | C] () -- C:\Users\Asia\AppData\Roaming\UserTile.png
[2009-02-09 14:43:07 | 000,054,272 | ---- | C] () -- C:\Users\Asia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-02-09 13:00:07 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1527.dll
[2009-02-08 23:49:19 | 000,001,491 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009-02-08 23:40:55 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2009-02-08 23:39:30 | 000,091,992 | ---- | C] () -- C:\Users\Asia\AppData\Local\edsinstaller.txt-20090208.log
[2009-02-08 23:38:23 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009-02-08 23:38:23 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009-02-08 23:35:50 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008-05-27 07:52:40 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008-05-27 07:49:41 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008-05-27 07:49:41 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008-05-14 13:48:18 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008-05-14 13:48:14 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008-05-14 13:48:14 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008-05-14 13:48:13 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001-12-26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001-09-03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001-07-30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001-07-23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2010-10-22 12:14:25 | 000,000,000 | -HSD | M] -- C:\Users\Asia\AppData\Roaming\.#
[2008-05-27 07:46:45 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\Acer GameZone Console
[2009-02-21 13:38:41 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\Big Fish Games
[2009-02-09 13:58:09 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\eSobi
[2010-06-22 12:03:29 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\FloodLightGames
[2010-09-09 16:48:48 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\FRISK Software
[2010-09-29 11:32:10 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\Gadu-Gadu
[2010-10-07 08:16:20 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\Gadu-Gadu 10
[2009-02-17 20:09:44 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\Gaijin Ent
[2009-05-12 08:20:29 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\GHISLER
[2010-06-25 14:01:54 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\iWin
[2009-06-06 17:10:55 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\Nowe Gadu-Gadu
[2009-04-28 19:08:13 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\OpenFM
[2010-02-12 10:23:37 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\OpenOffice.org
[2010-10-14 09:22:57 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\PCToolsFirewallPlus
[2010-04-08 17:41:35 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\PegazNET
[2009-03-25 17:48:41 | 000,000,000 | ---D | M] -- C:\Users\Asia\AppData\Roaming\PlayFirst
[2008-05-27 07:46:45 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008-05-27 07:46:45 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2008-05-27 07:57:18 | 000,000,362 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2008-05-27 07:57:18 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2011-02-05 13:05:38 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008-01-21 03:34:29 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008-02-11 00:06:13 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011-02-05 19:29:51 | 2072,891,392 | -HS- | M] () -- C:\hiberfil.sys
[2009-04-12 11:54:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-04-12 11:54:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-02-05 19:29:49 | 2386,681,856 | -HS- | M] () -- C:\pagefile.sys
[2008-10-06 19:03:52 | 000,003,195 | -HS- | M] () -- C:\Patch.rev
[2008-05-27 18:16:50 | 000,000,145 | RHS- | M] () -- C:\preload.rev
[2009-02-08 23:37:56 | 000,000,651 | ---- | M] () -- C:\RHDSetup.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-02-09 13:01:11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2009-02-09 13:01:11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2009-02-09 13:01:11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009-02-09 13:01:11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-01-21 03:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008-01-21 03:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2007-01-12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\Cyberlink\PowerDirector\EventLog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008-01-21 03:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys
[2008-01-21 03:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008-01-21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:C95B63DA
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:2B99FE60
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:131C0EE9
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:FEBEC560
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C31F31E6
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:9E22BBE8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:580E04D8

< End of report >
[/log]
[log]OTL Extras logfile created on: 2011-02-05 19:55:55 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Asia\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,57 Gb Total Space | 39,83 Gb Free Space | 35,70% Space Free | Partition Type: NTFS
Drive D: | 111,55 Gb Total Space | 108,52 Gb Free Space | 97,28% Space Free | Partition Type: NTFS

Computer Name: ASIA-PC | User Name: Asia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2438543876-426734136-3849193080-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B9B08B4-D48F-4612-A6B9-1F467F774EA1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1FDD60E3-22E3-4AF0-B6EA-827320DBBC04}" = rport=137 | protocol=17 | dir=out | app=system |
"{230F61F2-01CA-4261-90CE-0E6177C515D7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2EFCFE5F-15DC-40D5-B494-2397DBC23FE3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3049475E-6549-4A9B-B258-333FC1C2DF22}" = rport=139 | protocol=6 | dir=out | app=system |
"{312BDF53-CEAA-485B-8888-119697ECC307}" = lport=139 | protocol=6 | dir=in | app=system |
"{3EB3D352-0A64-43F1-9D9B-AA5FE24F50F2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4363B62F-D6E5-498D-BE3F-50576734EC85}" = lport=445 | protocol=6 | dir=in | app=system |
"{5F9D8189-80FA-4B70-BBCF-88D57E37FDD4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6CE03D3A-5880-495D-99EB-E33D8DED3680}" = lport=138 | protocol=17 | dir=in | app=system |
"{75C1A7E9-1DAB-4E9A-8298-568CC49A0B9E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7F49807A-DA86-42EB-8745-264A572E8902}" = rport=138 | protocol=17 | dir=out | app=system |
"{8B4D3E46-670B-4980-8B38-81EE878E8F14}" = lport=137 | protocol=17 | dir=in | app=system |
"{94C1704E-C2A5-41EA-9B26-E0184004A94D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{96F90302-A55D-40D5-8A41-E78D2DB0689D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B65F7678-E1F1-4D51-BC10-DF31D7C60152}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8EF84B3-9D58-4B44-B02B-E79B0C1044E7}" = rport=445 | protocol=6 | dir=out | app=system |
"{D7C36946-2259-4E07-AAEA-5ABE884BFF47}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D8A6DAF5-DCA8-4DFD-BB58-10FDD55C8B82}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00315A3F-6648-4BBF-9600-2A98E1E1EA7D}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{011590BF-9D6A-4FD7-A269-5E434E1C44AB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{020C3B8C-D112-4EC9-A50B-9842EF8958D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0855316E-0495-48E7-B8DA-0D4F216853AF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{08754614-76B1-4047-9083-8C257B3E2716}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{228AD85A-C921-4322-B5E4-95C62E86074E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{29D78956-8884-4906-84A5-3DD192EB0391}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{4C43C8D1-E97A-47B0-A1B8-5FE3F2ABEB18}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4CBF7997-9F39-4CA2-9C7B-C55917401B90}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{5EDBBA95-01D9-411D-950A-C81D3FB1314C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{6209664E-A518-4D34-B13D-5CD8723306B1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{6B50CAD0-8870-453E-A3EE-F95675805CEE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{76DA757A-6391-4F49-B157-51BBD44C0744}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{805E8F83-6B99-40FF-AC9B-8D4457EA6196}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{8474FD22-7125-405C-9A35-95AC8E525741}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{89C1D655-E0C0-40CF-8A93-CA27E77691AB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{8EEB9FFC-288A-4039-B51B-EC406904532E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{8F198D20-D9F7-48B1-B3AC-AB599F985C4A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{90D81F54-3537-41BC-A232-F68E5A339452}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{98244CBD-9CB9-4C2D-94C7-AE968A08A2CD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{A9313697-12E9-4785-8DFA-9A452645AD7E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9E33732-E4A6-4298-919C-47D04388BFAD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{B0161ADB-4A54-4F1B-8210-14A950941B08}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{B4452218-E5D1-43AA-8F16-80F53B5A5E72}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{BF262468-9A21-4370-811B-2C3733C5103F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BF60F760-7367-40F6-971E-FE43575A37C1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C1FAD6A7-FC70-4F48-88A2-1F2E36564FB1}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{C9BD67D2-C1B8-4BBA-9E76-23AE1AA7E31C}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{CBD417D4-0253-4EE4-85F4-DD54B17BDCDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{CCA34815-895E-4E20-B7ED-BEA4D6B15DC2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{CEE56D86-9D13-4D85-88BC-BD0E7B70F4D4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E7F59482-5FC5-417F-92EF-55D0D27CA111}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{EB08DE00-2165-4522-B6E3-EA2EB98960A5}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{EB096495-0362-4A28-A23B-C84AE04F3A29}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{F95248A1-3E20-40B7-8D53-B1201965D140}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{1E6D4414-6935-4D3D-9F81-3CE45C4A2F96}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{C2596493-4F7B-4BC7-B66C-CF2E45BACB46}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{CB7627C9-41D9-4CAF-BB4A-2B9C0B1A1D9F}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{5AC6B7C4-70A2-43E6-BB39-7961183A54F0}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{959579EF-7BC1-43C7-A14D-5C854B3B38AA}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{EFF3F718-B293-4E67-9D78-92DC68564643}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3A1B5E0E-250A-4322-9D86-6E27857743C1}" = F735
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51CB6226-C9A4-4C98-9C68-8A9B058E9EA1}" = F-PROT Antivirus dla Windows
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{870D7C70-1961-467a-86E4-D67D329E8172}" = HP Deskjet F735 All-In-One Driver Software 11.0 Rel .4
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00B2-0415-0000-0000000FF1CE}" = Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE}" = OpenOffice.org 3.1
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3 - Polish
"{B32D4B38-38D9-45DB-93EC-F5473AA452A4}" = F735_Help
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D1EE8DB1-BCA3-41E7-9178-ACFDDF2ECB64}" = DJ_AIO_04_F735_ProductContext
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D541804F-B0ED-4B53-9A1D-6E2A7EE5E856}" = DJ_AIO_04_F735_Software
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DB14F755-2F5B-4A8A-96DB-3F408C5C002E}" = DJ_AIO_04_F735_Software_Min
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{E9AD90C1-6281-45AB-9458-098D2EF770A1}" = Microsoft Works
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 4.65
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ALLPlayer_is1" = ALLPlayer V4.X
"Ashampoo WinOptimizer 5_is1" = Ashampoo WinOptimizer 5.12
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner (remove only)
"Chicken Invaders 3 Xmas" = Chicken Invaders 3 Xmas (remove only)
"Chicken Invaders 3_is1" = Chicken Invaders 3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 3200] [2010-01-12]
"Gadu-Gadu" = Gadu-Gadu 7.7
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"LManager" = Launch Manager
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSC" = McAfee SecurityCenter
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"Pegaz" = Pegaz
"Pegaz, Komponenty systemowe" = Pegaz, Komponenty systemowe
"Picasa 3" = Picasa 3
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Turbo Pizza_is1" = Turbo Pizza
"Ulead Photo Express 2.0 SE" = Ulead Photo Express 2.0 SE
"WinRAR archiver" = Archiwizator WinRAR
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 2009-05-20 12:01:12 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-05-20 12:01:12 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-05-20 12:01:12 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-05-20 12:01:12 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-05-20 12:01:12 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-05-20 12:01:12 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-05-20 12:01:12 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-05-20 12:01:12 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-05-20 12:01:12 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-05-20 12:01:13 | Computer Name = Asia-PC | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 2011-02-03 05:33:05 | Computer Name = Asia-PC | Source = F-PROT Antivirus | ID = 4096
Description = Brakuje pliku sygnatur wirusow For more information please visit http://www.f-prot.com/support/index.html

Error - 2011-02-04 02:56:50 | Computer Name = Asia-PC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-04 05:27:28 | Computer Name = Asia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hpqgpc01.exe, wersja 130.0.14.16, sygnatura
czasowa 0x49dd90d9, moduł powodujący błąd ole32.dll, wersja 6.0.6001.18498, sygnatura
czasowa 0x4c28cad0, kod wyjątku 0xc0000005, przesunięcie błędu 0x000389b5, identyfikator
procesu 0xeec, godzina rozpoczęcia aplikacji 0x01cbc438f201bd86.

Error - 2011-02-04 09:56:30 | Computer Name = Asia-PC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-04 10:48:48 | Computer Name = Asia-PC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-05 04:09:31 | Computer Name = Asia-PC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-05 04:28:57 | Computer Name = Asia-PC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-05 14:31:35 | Computer Name = Asia-PC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-05 14:53:13 | Computer Name = Asia-PC | Source = F-PROT Antivirus | ID = 4096
Description = Brakuje pliku sygnatur wirusow For more information please visit http://www.f-prot.com/support/index.html

Error - 2011-02-05 14:53:36 | Computer Name = Asia-PC | Source = F-PROT Antivirus | ID = 4096
Description = Brakuje pliku sygnatur wirusow For more information please visit http://www.f-prot.com/support/index.html

[ OSession Events ]
Error - 2010-03-05 02:33:37 | Computer Name = Asia-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1746
seconds with 1380 seconds of active time. This session ended with a crash.

Error - 2010-04-19 02:28:54 | Computer Name = Asia-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2456
seconds with 1620 seconds of active time. This session ended with a crash.

Error - 2010-05-23 14:15:19 | Computer Name = Asia-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 558
seconds with 300 seconds of active time. This session ended with a crash.

Error - 2011-01-03 10:11:39 | Computer Name = Asia-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2011-01-11 08:55:54 | Computer Name = Asia-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6578
seconds with 2760 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2010-01-21 10:09:14 | Computer Name = Asia-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 2010-01-21 10:09:26 | Computer Name = Asia-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-01-21 10:10:50 | Computer Name = Asia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2010-01-21 10:11:24 | Computer Name = Asia-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 2010-01-21 13:30:35 | Computer Name = Asia-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 2010-01-21 13:30:43 | Computer Name = Asia-PC | Source = HTTP | ID = 15016
Description =

Error - 2010-01-21 13:32:01 | Computer Name = Asia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2010-01-21 13:32:34 | Computer Name = Asia-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 2010-01-21 15:13:21 | Computer Name = Asia-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 2010-01-21 15:27:36 | Computer Name = Asia-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 20:24:36 na 2010-01-21 było nieoczekiwane.


< End of report >
[/log]

RSIT
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Asia at 2011-02-05 19:56:25
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 41 GB (36%) free of 114 GB
Total RAM: 1976 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:57:26, on 2011-02-05
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18542)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\hkcmd.exe
C:\Users\Asia\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Asia\Downloads\OTL.exe
C:\Users\Asia\Downloads\RSIT.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\trend micro\Asia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&s=2&o=vb32&d=0209&m=aspire_5735
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&s=2&o=vb32&d=0209&m=aspire_5735
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0415&s=2&o=vb32&d=0209&m=aspire_5735
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{E46D3E79-D276-41FC-96DC-31904849A4A4}: NameServer = 192.168.0.251,192.168.0.252
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: Menedżer Google Desktop 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Usługa Google Update (gupdate1c9df80adbcb1ae) (gupdate1c9df80adbcb1ae) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

--
End of file - 13948 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-01-09 246800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2009-03-25 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-14 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-14 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-29 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-05-20 251416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27 501056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-14 142896]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-05-20 251416]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-14 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-25 1049896]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-03-25 645328]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-04-10 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-04-10 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-04-18 167936]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-02-08 24064]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"Skytel"=C:\Windows\Skytel.exe [2007-11-21 1826816]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-09-10 809480]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-14 526896]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-06-11 409600]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 81920]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"PE2CKFNT SE"=C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe [1998-07-03 25088]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
"F-PROT Antivirus Tray application"=C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe [2009-08-27 1597832]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 170520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2009-06-04 869888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2010-02-20 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-08 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Asia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-08-18 384000]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Photo Express Calendar Checker SE.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe

C:\Users\Asia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FPAVServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FPAVServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 2 months======

2011-02-05 19:56:26 ----D---- C:\Program Files\trend micro
2011-02-05 19:56:25 ----D---- C:\rsit
2011-02-05 19:35:25 ----D---- C:\Windows\pss
2011-02-05 09:21:29 ----D---- C:\Windows\system32\x64
2011-01-12 09:19:16 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 09:19:06 ----A---- C:\Windows\system32\sdclt.exe
2010-12-16 07:23:30 ----A---- C:\Windows\system32\win32k.sys
2010-12-16 07:23:23 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-16 07:23:22 ----A---- C:\Windows\system32\taskschd.dll
2010-12-16 07:23:21 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-16 07:23:20 ----A---- C:\Windows\system32\taskeng.exe
2010-12-16 07:23:19 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-16 07:23:11 ----A---- C:\Windows\system32\consent.exe
2010-12-16 07:23:07 ----A---- C:\Windows\system32\atmlib.dll
2010-12-16 07:23:07 ----A---- C:\Windows\system32\atmfd.dll
2010-12-16 07:23:06 ----A---- C:\Windows\system32\fontsub.dll
2010-12-16 07:22:57 ----A---- C:\Windows\system32\mstime.dll
2010-12-16 07:22:55 ----A---- C:\Windows\system32\ieframe.dll
2010-12-16 07:22:53 ----A---- C:\Windows\system32\mshtml.dll
2010-12-16 07:22:53 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-16 07:22:50 ----A---- C:\Windows\system32\ieapfltr.dll
2010-12-16 07:22:49 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-16 07:22:48 ----A---- C:\Windows\system32\wininet.dll
2010-12-16 07:22:47 ----A---- C:\Windows\system32\urlmon.dll
2010-12-16 07:22:46 ----A---- C:\Windows\system32\ieaksie.dll
2010-12-16 07:22:45 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-16 07:22:44 ----A---- C:\Windows\system32\occache.dll
2010-12-16 07:22:44 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-16 07:22:44 ----A---- C:\Windows\system32\iertutil.dll
2010-12-16 07:22:44 ----A---- C:\Windows\system32\iepeers.dll
2010-12-16 07:22:44 ----A---- C:\Windows\system32\ieencode.dll
2010-12-16 07:22:23 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 2 months======

2011-02-05 19:56:54 ----D---- C:\Windows\Temp
2011-02-05 19:56:50 ----D---- C:\Windows\Prefetch
2011-02-05 19:56:26 ----RD---- C:\Program Files
2011-02-05 19:35:25 ----D---- C:\Windows
2011-02-05 09:27:58 ----D---- C:\Windows\System32
2011-02-05 09:21:20 ----D---- C:\Windows\inf
2011-02-05 09:18:53 ----D---- C:\Windows\system32\drivers
2011-02-05 09:18:20 ----D---- C:\Windows\system32\catroot
2011-02-05 09:15:08 ----SHD---- C:\System Volume Information
2011-02-04 16:10:53 ----D---- C:\Windows\Minidump
2011-02-04 16:10:53 ----D---- C:\Windows\Debug
2011-02-04 10:52:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-03 17:39:35 ----D---- C:\Users\Asia\AppData\Roaming\Skype
2011-02-03 17:38:05 ----D---- C:\Users\Asia\AppData\Roaming\skypePM
2011-01-28 11:01:23 ----D---- C:\ProgramData\ALLPlayer
2011-01-26 08:08:56 ----D---- C:\Windows\system32\catroot2
2011-01-13 08:58:54 ----A---- C:\Windows\system32\mrt.exe
2011-01-13 08:58:42 ----D---- C:\Windows\winsxs
2011-01-10 15:51:53 ----D---- C:\Pegaz
2011-01-08 10:20:17 ----D---- C:\ProgramData\PegazNET
2010-12-29 13:07:29 ----D---- C:\OFERTY
2010-12-17 09:27:11 ----D---- C:\Windows\rescache
2010-12-17 09:06:34 ----D---- C:\Program Files\Windows Mail
2010-12-17 09:06:30 ----D---- C:\Program Files\Internet Explorer
2010-12-17 08:14:42 ----D---- C:\Windows\system32\pl-PL
2010-12-14 15:14:39 ----SHD---- C:\Windows\Installer
2010-12-13 17:00:17 ----D---- C:\Program Files\Mozilla Firefox
2010-12-09 11:29:56 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-14 18992]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-31 13824]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 FPAV_RTP;FPAV_RTP; C:\Windows\system32\DRIVERS\FPAV_RTP.sys [2009-08-27 675032]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-03-25 214024]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2008-10-23 130424]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-04-18 61424]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-01 1202560]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-14 2152344]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-03-25 79880]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-03-25 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-03-25 40552]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-08-12 61440]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-21 299008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 Dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-03-25 34216]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2008-01-21 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 FPAVServer;F-PROT Antivirus for Windows system; C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [2009-08-27 75424]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2010-04-16 93320]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-03-25 797864]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-01-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-01-09 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-03-25 144704]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-03-19 884360]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-09 26640]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-03-23 606736]
S2 gupdate1c9df80adbcb1ae;Usługa Google Update (gupdate1c9df80adbcb1ae); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-28 133104]
S3 GoogleDesktopManager-080708-050100;Menedżer Google Desktop 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-02-08 24064]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-04-01 365072]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
[/log]
[log]info.txt logfile of random's system information tool 1.08 2011-02-05 19:57:36

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall
Acer Crystal Eye Webcam 2.0.8-->C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\setup.exe -runfromtemp -l0x0009 -removeonly
Acer eDataSecurity Management-->C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL
Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x0015 -removeonly
Acer ePower Management-->"C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -runfromtemp -l0x0015 -removeonly
Acer eRecovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x0015 -removeonly
Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{13D85C14-2B85-419F-AC41-C7F21E68B25D}\setup.exe" -runfromtemp -l0x0015 -removeonly
Acer GameZone Console 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x15 -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.3 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001}
Agatha Christie Death on the Nile-->"C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\Uninstall.exe" "C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\install.log"
Agere Systems HDA Modem-->agrsmdel
Alice Greenfingers-->"C:\Program Files\Acer GameZone\Alice Greenfingers\Uninstall.exe" "C:\Program Files\Acer GameZone\Alice Greenfingers\install.log"
ALLPlayer V4.X-->"C:\Program Files\ALLPlayer\unins000.exe"
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ashampoo WinOptimizer 5.12-->"C:\Program Files\Ashampoo\Ashampoo WinOptimizer 5\unins000.exe"
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Azada-->"C:\Program Files\Acer GameZone\Azada\Uninstall.exe" "C:\Program Files\Acer GameZone\Azada\install.log"
Backspin Billiards-->"C:\Program Files\Acer GameZone\Backspin Billiards\Uninstall.exe" "C:\Program Files\Acer GameZone\Backspin Billiards\install.log"
Big Kahuna Reef-->"C:\Program Files\Acer GameZone\Big Kahuna Reef\Uninstall.exe" "C:\Program Files\Acer GameZone\Big Kahuna Reef\install.log"
Bookworm Deluxe-->"C:\Program Files\Acer GameZone\Bookworm Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Bookworm Deluxe\install.log"
Bricks of Egypt-->"C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Acer GameZone\Bricks of Egypt\install.log"
Cake Mania-->"C:\Program Files\Acer GameZone\Cake Mania\Uninstall.exe" "C:\Program Files\Acer GameZone\Cake Mania\install.log"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Chicken Invaders 3 Xmas (remove only)-->"C:\Program Files\Chicken Invaders 3 Xmas\Uninstall.exe"
Chicken Invaders 3-->"C:\Program Files\Acer GameZone\Chicken Invaders 3\Uninstall.exe" "C:\Program Files\Acer GameZone\Chicken Invaders 3\install.log"
Chicken Invaders 3-->"C:\Program Files\Chicken Invaders 3\ReflexiveArcade\unins000.exe"
Chuzzle-->"C:\Program Files\Acer GameZone\Chuzzle\Uninstall.exe" "C:\Program Files\Acer GameZone\Chuzzle\install.log"
Diner Dash Flo on the Go-->"C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\Uninstall.exe" "C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\install.log"
Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-0415-0000-0000000FF1CE}
eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x0409
ffdshow [rev 3200] [2010-01-12]-->"C:\Program Files\ffdshow\unins000.exe"
Flip Words 2-->"C:\Program Files\Acer GameZone\Flip Words 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Flip Words 2\install.log"
F-PROT Antivirus dla Windows-->MsiExec.exe /I{51CB6226-C9A4-4C98-9C68-8A9B058E9EA1}
Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe
Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_4079369A224CB572.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 11.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet F735 All-In-One Driver Software 11.0 Rel .4-->C:\Program Files\HP\Digital Imaging\{870D7C70-1961-467a-86E4-D67D329E8172}\setup\hpzscr01.exe -datfile hposcr34.dat -onestop
HP Imaging Device Functions 11.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{D063F201-FAC4-4D5C-B10B-615058ADE5A7}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log"
Kick N Rush-->"C:\Program Files\Acer GameZone\Kick N Rush\Uninstall.exe" "C:\Program Files\Acer GameZone\Kick N Rush\install.log"
Launch Manager-->C:\Windows\UNINST32.EXE LManager.UNI
Mahjong Escape Ancient China-->"C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\install.log"
Mahjongg Artifacts-->"C:\Program Files\Acer GameZone\Mahjongg Artifacts\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjongg Artifacts\install.log"
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{E9AD90C1-6281-45AB-9458-098D2EF770A1}
MIKSOFT Mobile AMR converter-->"C:\Program Files\MIKSOFT\Mobile AMR converter\unins000.exe"
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mystery Case Files - Huntsville-->"C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\install.log"
Mystery Solitaire - Secret Island-->"C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\install.log"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nowe Gadu-Gadu-->C:\Users\Asia\Desktop\Nowe Gadu-Gadu\Uninstall.exe
NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x0415
NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x0415
OpenOffice.org 3.1-->MsiExec.exe /I{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE}
Orion-->MsiExec.exe /X{5B63A470-9334-44D1-AF61-6CE2DB565AE9}
Pegaz, Komponenty systemowe-->C:\Windows\AtenaLog\UNWISE.EXE C:\Windows\AtenaLog\Install.LOG
Pegaz-->C:\Pegaz\UNINST~1\Pegaz\UNWISE.EXE C:\Pegaz\UNINST~1\Pegaz\INSTALL.LOG
PhotoNow!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" -uninstall
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0015 -removeonly
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Turbo Pizza-->"C:\Program Files\Acer GameZone\Turbo Pizza\Uninstall.exe" "C:\Program Files\Acer GameZone\Turbo Pizza\install.log"
Turbo Pizza-->"C:\Program Files\Turbo Pizza\ReflexiveArcade\unins000.exe"
Ulead Photo Express 2.0 SE-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\Uninst.isu" -c"C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\IS32Inst.dll"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log"

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 090823-0]
AS: Windows Defender
AS: avast! antivirus 4.8.1229 [VPS 090823-0]

======System event log======

Computer Name: Asia-PC
Event Code: 4201
Message: System wykrył, że karta sieciowa Połączenie lokalne została podłączona do sieci i ma zainicjowane normalne działanie.
Record Number: 182731
Source Name: Tcpip
Time Written: 20100121192720.462089-000
Event Type: Informacje
User:

Computer Name: Asia-PC
Event Code: 6008
Message: Poprzednie zamknięcie systemu przy 20:24:36 na 2010-01-21 było nieoczekiwane.
Record Number: 182732
Source Name: EventLog
Time Written: 20100121192736.000000-000
Event Type: Błąd
User:

Computer Name: Asia-PC
Event Code: 6009
Message: Microsoft (R) Windows (R) 6.00. 6001 Service Pack 1 Multiprocessor Free.
Record Number: 182733
Source Name: EventLog
Time Written: 20100121192736.000000-000
Event Type: Informacje
User:

Computer Name: Asia-PC
Event Code: 6005
Message: Uruchomiono usługę Dziennik zdarzeń.
Record Number: 182734
Source Name: EventLog
Time Written: 20100121192736.000000-000
Event Type: Informacje
User:

Computer Name: Asia-PC
Event Code: 6013
Message: Czas pracy systemu wynosi 30 s.
Record Number: 182735
Source Name: EventLog
Time Written: 20100121192736.000000-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: Asia-PC
Event Code: 0
Message:
Record Number: 115203
Source Name: gupdate1c9df80adbcb1ae
Time Written: 20110205183437.000000-000
Event Type: Informacje
User:

Computer Name: Asia-PC
Event Code: 1
Message: Klient usług certyfikatów został uruchomiony pomyślnie.
Record Number: 115204
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20110205183721.315148-000
Event Type: Informacje
User: Asia-PC\Asia

Computer Name: Asia-PC
Event Code: 4096
Message: Brakuje pliku sygnatur wirusow

For more information please visit http://www.f-prot.com/support/index.html
Record Number: 115205
Source Name: F-PROT Antivirus
Time Written: 20110205185313.000000-000
Event Type: Błąd
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: Asia-PC
Event Code: 4096
Message: Brakuje pliku sygnatur wirusow

For more information please visit http://www.f-prot.com/support/index.html
Record Number: 115206
Source Name: F-PROT Antivirus
Time Written: 20110205185336.000000-000
Event Type: Błąd
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: Asia-PC
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 115207
Source Name: LightScribeService
Time Written: 20110205185734.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: Asia-PC
Event Code: 4905
Message: Podjęto próbę wyrejestrowania źródła zdarzeń zabezpieczeń.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: ASIA-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Proces:
Identyfikator procesu: 0x17ec
Nazwa procesu: C:\Windows\System32\VSSVC.exe

Źródło zdarzeń:
Nazwa źródła: VSSAudit
Identyfikator źródła zdarzeń: 0x401420
Record Number: 74966
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100831042046.138126-000
Event Type: Sukces inspekcji
User:

Computer Name: Asia-PC
Event Code: 4647
Message: Użytkownik zainicjował wylogowanie:

Podmiot:
Identyfikator zabezpieczeń: S-1-5-21-2438543876-426734136-3849193080-1000
Nazwa konta: Asia
Domena konta: Asia-PC
Identyfikator logowania: 0x1e973

To zdarzenie jest generowane, gdy zostanie zainicjowane wylogowanie, ale liczba odwołań do tokenu nie jest równa zero i nie można zniszczyć sesji logowania. Nie mogą występować dalsze działania inicjowane przez użytkownika. To zdarzenie można interpretować jako zdarzenie wylogowania.
Record Number: 74967
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100831042859.378126-000
Event Type: Sukces inspekcji
User:

Computer Name: Asia-PC
Event Code: 1100
Message: Usługa rejestrowania zdarzeń została zamknięta.
Record Number: 74968
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100831042903.262200-000
Event Type: Sukces inspekcji
User:

Computer Name: Asia-PC
Event Code: 4616
Message: Czas systemowy został zmieniony.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-19
Nazwa konta: USŁUGA LOKALNA
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e5

Informacje o procesie:
Identyfikator procesu: 0x530
Nazwa: C:\Windows\System32\svchost.exe

Poprzedni czas: 06:29:02 2010-08-31
Nowy czas: 06:29:02 2010-08-31

To zdarzenie jest generowane w momencie zmiany czasu systemowego. Regularne zmiany czasu systemowego wykonywane przez usługę Czas systemu Windows, która działa z uprawnieniami systemowymi, są normalne. Inne zmiany czasu systemowego mogą wskazywać próby naruszenia integralności komputera.
Record Number: 74969
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100831042902.965800-000
Event Type: Sukces inspekcji
User:

Computer Name: Asia-PC
Event Code: 4634
Message: Użytkownik wylogował się z konta.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-7
Nazwa konta: LOGOWANIE ANONIMOWE
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x4333a

Typ logowania: 3

To zdarzenie jest generowane w przypadku zniszczenia sesji logowania.. Można je jednoznacznie skorelować ze zdarzeniem logowania przy użyciu wartości identyfikatora logowania. Identyfikatory logowania są unikatowe tylko między ponownymi rozruchami na tym samym komputerze.
Record Number: 74970
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100831042903.886200-000
Event Type: Sukces inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\;

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Odinstaluj McAfee SiteAdvisor Toolbar.

Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB.
W OTL, w oknie Custom scan/fixes wklej:

[code]:OTL
O33 - MountPoints2\{4934e367-b732-11de-99c1-001d72d2e339}\Shell\AutoRun\command - "" = F:\Launcher.exe
O33 - MountPoints2\{76ae3dde-1e44-11df-8302-001d72d2e339}\Shell - "" = AutoRun
O33 - MountPoints2\{76ae3dde-1e44-11df-8302-001d72d2e339}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{87a2162f-b37b-11df-ba61-001d72d2e339}\Shell - "" = Autorun
O33 - MountPoints2\{87a2162f-b37b-11df-ba61-001d72d2e339}\Shell\AutoRun\command - "" = setup.exe
O33 - MountPoints2\{9ded13be-f64f-11dd-8d56-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9ded13be-f64f-11dd-8d56-806e6f6e6963}\Shell\AutoRun\command - "" = E:\EuroTEST.exe
O33 - MountPoints2\{af37ced7-059b-11df-9a3e-001d72d2e339}\Shell\AutoRun\command - "" = F:\Launcher.exe
O33 - MountPoints2\{ce5df4d4-8b18-11df-a48c-001d72d2e339}\Shell\AutoRun\command - "" = F:\Launcher.exe
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:C95B63DA
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:2B99FE60
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:131C0EE9
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:FEBEC560
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C31F31E6
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:9E22BBE8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:580E04D8

:Files
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\LogConfigTemp.xml
C:\Users\Asia\AppData\Local\Temp*.html
C:\Users\Asia\AppData\Roaming\wklnhst.dat
C:\Users\Asia\AppData\Roaming\.#

:Commands
[emptytemp][/code]

Klikasz run fix, komputer uruchamia się ponownie.
Wrzuć log z usuwania oraz nowe logi: OTL i RSIT

przemek980
komentarz
komentarz

Chyba sobie daruję. Dzięki za pomoc i chęci, ale użyję optymalnego narzędzia do
naprawy Windows - format :D
Pozdrawiam

Tomek01
komentarz
komentarz

Zdziwiłbyś się, ale są wirusy, które ciężko usunąć nawet formatem. ;)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.