raasky utworzono 15 marca 2011 utworzono 15 marca 2011 (edytowane) Witam, od paru dni bardzo zamula mi komp, przy czyszczeniu rejestru wyskakuje 3x wiecej problemow do naprawienia niz zwykle. Zniknal mi pasek jezyka z paska zadan w windows 7, zostal zmieniony na PL 214, ale w skype dziala PL programisty. Nie pomaga zaznaczenie opcji pokaz dodatkowe ikony paska jezyka czy pasek jezyka na wierzchu pulpitu. Usunalem z listy wszystkie klawiatury oprócz PL programisty i 214, ktora jest domyslna i nie moge jej usunac, a mimo wszystko dalej wszedzie oprócz czatu w skype pisze w PL 214 :? Prosze o pomoc! Podaje logi z OTL [log]OTL logfile created on: 3/15/2011 11:35:07 AM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free 6.00 Gb Paging File | 4.00 Gb Available in Paging File | 66.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 45.28 Gb Total Space | 8.15 Gb Free Space | 17.99% Space Free | Partition Type: NTFS Drive D: | 237.71 Gb Total Space | 26.38 Gb Free Space | 11.10% Space Free | Partition Type: NTFS Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe PRC - [2011/03/13 21:44:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/11/09 21:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe PRC - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys PRC - [2010/10/29 00:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe PRC - [2010/09/04 04:20:40 | 003,845,000 | ---- | M] (Autodesk, Inc.) -- D:\Program Files\Autodesk\Revit Architecture 2011\Program\Revit.exe PRC - [2010/08/26 15:32:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe PRC - [2010/08/20 10:49:04 | 000,136,488 | ---- | M] (CyberLink) -- D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe PRC - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010/08/02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/05/20 06:32:50 | 000,442,808 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\WSCommCntr2.exe PRC - [2010/03/22 18:51:56 | 002,088,448 | ---- | M] (Baptiste Girod) -- C:\Users\Rafał\Desktop\Programy\Gmail Notifier Plus.exe PRC - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe PRC - [2010/02/26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/08/18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe PRC - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe PRC - [2009/01/26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008/03/06 09:12:58 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe PRC - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011/03/05 19:42:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011/01/05 10:42:03 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai) SRV - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys -- (PrismXL) SRV - [2010/10/28 11:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2010/08/26 15:32:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/04/27 12:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/09/28 09:22:00 | 000,364,544 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc) SRV - [2009/09/23 16:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio) SRV - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip) SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008/06/05 22:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service) SRV - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/12/22 15:27:35 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010/12/04 15:20:30 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/08/24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2010/08/24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2010/08/20 10:49:06 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd) DRV - [2010/06/17 15:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/02/26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010/02/26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2010/02/01 12:30:32 | 000,557,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl819xp.sys -- (rtl819xp) Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-) DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/08/18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009/08/10 19:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326) DRV - [2009/07/21 23:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007/12/26 02:08:38 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2007/01/25 02:46:50 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66 FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=pl&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/30 13:15:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011/03/13 21:44:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011/03/13 21:44:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: d:\Program Files\Mozilla Thunderbird\components [2010/02/27 14:44:05 | 000,000,000 | ---D | M] [2011/01/02 08:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions [2010/02/27 14:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\personas@christopher.beard [2011/03/14 13:45:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions [2011/03/12 13:30:19 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011/02/19 16:16:22 | 000,000,000 | ---D | M] (Easy DragToGo) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{21cfaec0-dbb3-11dc-95ff-0800200c9a66} [2011/01/02 20:22:13 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2011/01/02 20:22:13 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/03/12 13:30:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/01/02 20:14:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/03/12 13:30:19 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2011/01/26 19:41:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011/02/19 16:16:22 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\collector@broceliand.fr [2011/01/02 20:22:13 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\smarterwiki@wikiatic.com [2011/01/02 20:22:12 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\youtube2mp3@mondayx.de O1 HOSTS File: ([2011/03/05 17:42:25 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.) O4 - HKLM..\Run: [YouCam Mirage] d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\..Trusted Domains: viauc.dk ([print] http in Zaufane witryny) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.253.22.140 10.253.22.141 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - D:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell - "" = AutoRun O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/03/15 11:29:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe [2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\windows\XSxS [2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode [2011/03/15 10:47:14 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Flash Plaer [2011/03/13 20:12:21 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\ArchiCAD 13 [2011/03/13 19:59:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Staircase Analisys [2011/03/13 12:56:33 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Autodesk, Inc [2011/03/11 15:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Avatar [2011/03/11 15:06:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\CyberLink [2011/03/11 14:52:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam [2011/03/11 13:26:23 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\CyberLink [2011/03/10 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO [2011/03/10 09:59:43 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Files from Internet [2011/03/10 09:56:53 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\My Files [2011/03/10 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Lectures [2011/03/06 15:12:46 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Podatki [2011/03/05 19:47:41 | 000,000,000 | ---D | C] -- C:\windows\System32\Wat [2011/03/05 19:42:24 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys [2011/03/05 19:42:09 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2011/03/05 19:42:09 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2011/03/05 19:42:09 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2011/03/05 19:42:09 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2011/03/05 19:42:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2011/03/05 19:42:08 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2011/03/05 19:42:08 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2011/03/05 19:42:08 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2011/03/05 19:42:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2011/03/05 19:41:46 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll [2011/03/05 19:41:46 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll [2011/03/05 19:41:46 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll [2011/03/05 19:41:46 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll [2011/03/05 19:41:45 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL [2011/03/05 19:41:45 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll [2011/03/05 19:41:45 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll [2011/03/05 19:41:45 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll [2011/03/05 19:41:44 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll [2011/03/05 19:41:43 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\upnp.dll [2011/03/05 19:41:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2011/03/05 19:41:41 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\davclnt.dll [2011/03/05 19:41:41 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wscapi.dll [2011/03/05 19:41:41 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2011/03/05 19:41:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\slwga.dll [2011/03/05 19:41:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll [2011/03/05 19:41:33 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe [2011/03/05 19:41:33 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe [2011/03/05 19:41:32 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc.dll [2011/03/05 19:41:32 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_isv.dll [2011/03/05 19:41:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_isv.exe [2011/03/05 19:41:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate.exe [2011/03/05 19:41:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp.exe [2011/03/05 19:41:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp_isv.exe [2011/03/05 19:41:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp_isv.dll [2011/03/05 19:41:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp.dll [2011/03/05 19:41:30 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll [2011/03/05 19:41:30 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll [2011/03/05 19:41:29 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbc32.dll [2011/03/05 19:41:28 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe [2011/03/05 19:41:27 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskschd.dll [2011/03/05 19:41:27 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmicmiplugin.dll [2011/03/05 19:41:27 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskcomp.dll [2011/03/05 19:41:27 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schtasks.exe [2011/03/05 19:41:26 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys [2011/03/05 19:41:25 | 002,329,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2011/03/05 19:41:24 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll [2011/03/05 19:41:24 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2011/03/05 19:41:24 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2011/03/05 19:41:22 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CPFilters.dll [2011/03/05 19:41:21 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\psisdecd.dll [2011/03/05 19:41:21 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdri.dll [2011/03/05 19:41:21 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSNP.ax [2011/03/05 19:41:21 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mpg2splt.ax [2011/03/05 19:41:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll [2011/03/05 19:41:19 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll [2011/03/05 19:40:49 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll [2011/03/05 19:39:28 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys [2011/03/05 19:39:28 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll [2011/03/05 17:48:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Malwarebytes [2011/03/05 17:48:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2011/03/05 17:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/03/05 17:47:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011/03/03 23:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO [2011/03/03 23:49:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Adobe [2011/03/03 23:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2011/03/03 23:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2011/03/03 21:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edraw Max 5.2 [2011/03/03 20:24:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\3dsMax [2011/03/03 18:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V-Ray for SketchUp [2011/03/03 15:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\Adobe [2011/03/03 14:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ASGVIS [2011/03/03 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Inventor [2011/03/02 19:04:38 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\sdfgsdfg [2011/03/01 21:18:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\FLVService [2011/03/01 21:18:04 | 000,000,000 | ---D | C] -- C:\windows\Freecorder [2011/02/27 10:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011/02/19 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\The KMPlayer [2011/02/19 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011/02/14 12:09:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\dsekjhsf [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/03/15 11:39:09 | 006,553,600 | -HS- | M] () -- C:\Users\Rafał\NTUSER.DAT [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe [2011/03/15 10:54:02 | 000,000,545 | ---- | M] () -- C:\windows\win.ini [2011/03/15 08:36:02 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/03/15 08:36:02 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/03/15 08:28:19 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2011/03/15 08:28:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/03/15 08:28:09 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys [2011/03/14 14:01:59 | 006,092,849 | -H-- | M] () -- C:\Users\Rafał\AppData\Local\IconCache.db [2011/03/13 20:03:22 | 000,166,584 | ---- | M] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf [2011/03/11 11:47:44 | 000,108,629 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg [2011/03/11 11:17:47 | 000,047,161 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf [2011/03/10 13:55:06 | 001,654,586 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2011/03/10 13:55:06 | 000,734,536 | ---- | M] () -- C:\windows\System32\perfh015.dat [2011/03/10 13:55:06 | 000,653,898 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/03/10 13:55:06 | 000,148,904 | ---- | M] () -- C:\windows\System32\perfc015.dat [2011/03/10 13:55:06 | 000,121,090 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/03/10 11:39:20 | 000,049,849 | ---- | M] () -- C:\Users\Rafał\Desktop\310.dwg [2011/03/09 20:45:15 | 003,733,661 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3 [2011/03/07 13:29:33 | 000,040,240 | ---- | M] () -- C:\Users\Rafał\Documents\3D 02.jpg [2011/03/07 13:25:39 | 000,041,323 | ---- | M] () -- C:\Users\Rafał\Documents\3D 01.jpg [2011/03/06 20:02:08 | 004,004,916 | ---- | M] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3 [2011/03/06 18:43:06 | 003,161,057 | ---- | M] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3 [2011/03/06 18:11:21 | 000,000,049 | ---- | M] () -- C:\windows\NeroDigital.ini [2011/03/05 19:57:30 | 000,000,304 | -HS- | M] () -- C:\windows\tasks\Vwclnspa.job [2011/03/05 19:50:19 | 000,001,030 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2011/03/05 19:49:19 | 004,006,440 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2011/03/05 19:31:00 | 000,001,058 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job [2011/03/05 19:19:00 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2011/03/05 17:42:25 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts [2011/03/05 16:31:00 | 000,001,006 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job [2011/03/03 23:48:55 | 000,148,264 | ---- | M] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT [2011/03/03 23:36:07 | 000,125,927 | ---- | M] () -- C:\windows\System32\5e6c9151.exe [2011/03/03 23:35:57 | 000,001,023 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.lnk [2011/03/03 20:01:30 | 006,485,848 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3 [2011/03/03 14:42:41 | 000,017,588 | ---- | M] () -- C:\windows\System32\drivers\etc\services [2011/03/01 19:11:26 | 002,960,430 | ---- | M] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3 [2011/02/25 09:19:23 | 000,467,882 | ---- | M] () -- C:\Users\Rafał\Desktop\0 - 20.mp3 [2011/02/25 09:19:19 | 000,531,601 | ---- | M] () -- C:\Users\Rafał\Desktop\100 -1876.mp3 [2011/02/20 13:49:37 | 012,202,592 | ---- | M] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3 [2011/02/15 09:33:03 | 000,047,104 | ---- | M] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/02/14 12:13:03 | 000,040,602 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/03/13 20:03:20 | 000,166,584 | ---- | C] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf [2011/03/11 11:34:37 | 000,108,629 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg [2011/03/11 11:17:47 | 000,047,161 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf [2011/03/10 11:39:20 | 000,049,849 | ---- | C] () -- C:\Users\Rafał\Desktop\310.dwg [2011/03/09 20:42:03 | 003,733,661 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3 [2011/03/07 13:29:33 | 000,040,240 | ---- | C] () -- C:\Users\Rafał\Documents\3D 02.jpg [2011/03/07 13:25:39 | 000,041,323 | ---- | C] () -- C:\Users\Rafał\Documents\3D 01.jpg [2011/03/06 19:58:48 | 004,004,916 | ---- | C] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3 [2011/03/06 18:40:24 | 003,161,057 | ---- | C] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3 [2011/03/03 23:45:29 | 000,000,986 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk [2011/03/03 23:44:35 | 000,000,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk [2011/03/03 23:43:32 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk [2011/03/03 23:42:51 | 000,002,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk [2011/03/03 23:42:08 | 000,000,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk [2011/03/03 23:41:04 | 000,000,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk [2011/03/03 23:40:46 | 000,001,365 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk [2011/03/03 23:34:31 | 000,125,927 | ---- | C] () -- C:\windows\System32\5e6c9151.exe [2011/03/03 23:34:21 | 000,001,023 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.lnk [2011/03/03 23:33:48 | 000,000,304 | -HS- | C] () -- C:\windows\tasks\Vwclnspa.job [2011/03/03 23:24:42 | 000,000,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk [2011/03/03 23:23:48 | 000,000,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk [2011/03/03 23:23:26 | 000,000,989 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk [2011/03/03 23:21:58 | 000,001,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk [2011/03/03 23:21:45 | 000,001,477 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2011/03/03 23:21:00 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011/03/03 20:01:12 | 006,485,848 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3 [2011/03/01 19:11:11 | 002,960,430 | ---- | C] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3 [2011/03/01 11:45:52 | 012,202,592 | ---- | C] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3 [2011/02/25 09:19:23 | 000,467,882 | ---- | C] () -- C:\Users\Rafał\Desktop\0 - 20.mp3 [2011/02/25 09:19:18 | 000,531,601 | ---- | C] () -- C:\Users\Rafał\Desktop\100 -1876.mp3 [2011/02/19 16:26:44 | 000,001,058 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job [2011/02/19 16:26:43 | 000,001,006 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job [2011/02/14 12:13:03 | 000,040,602 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg [2011/01/30 13:14:56 | 000,023,203 | ---- | C] () -- C:\windows\hpqins15.dat [2011/01/30 11:26:48 | 000,211,070 | ---- | C] () -- C:\windows\hpoins18.dat [2011/01/30 11:26:48 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat [2011/01/19 16:43:20 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini [2011/01/19 16:43:18 | 000,183,808 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2011/01/19 16:43:18 | 000,080,896 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2011/01/19 16:43:18 | 000,000,590 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest [2011/01/12 19:24:23 | 000,000,152 | ---- | C] () -- C:\windows\Aslan.INI [2010/12/19 19:10:52 | 000,000,049 | ---- | C] () -- C:\windows\NeroDigital.ini [2010/12/19 11:25:44 | 000,000,048 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat [2010/12/05 14:10:28 | 000,000,001 | ---- | C] () -- C:\windows\System32\SI.bin [2010/09/04 17:47:43 | 000,087,552 | ---- | C] () -- C:\windows\System32\cpwmon2k.dll [2010/07/31 21:40:41 | 000,066,872 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe [2010/07/31 21:40:40 | 000,138,184 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys [2010/07/31 21:40:36 | 000,183,112 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe [2010/03/01 17:50:08 | 000,000,145 | ---- | C] () -- C:\windows\splendor.ini [2010/03/01 17:46:03 | 000,284,160 | ---- | C] () -- C:\windows\unin0415.exe [2009/12/23 13:51:46 | 002,392,064 | ---- | C] () -- C:\windows\System32\videotrans.dll [2009/12/23 13:51:46 | 000,215,040 | ---- | C] () -- C:\windows\System32\videoformat.dll [2009/12/23 13:51:46 | 000,017,920 | ---- | C] () -- C:\windows\System32\videocore.dll [2009/12/23 13:51:45 | 000,061,440 | ---- | C] () -- C:\windows\System32\imgscaler.dll [2009/12/23 13:51:45 | 000,022,016 | ---- | C] () -- C:\windows\System32\img_utils.dll [2009/12/23 13:51:43 | 000,128,512 | ---- | C] () -- C:\windows\System32\xvid.dll [2009/12/21 18:03:39 | 000,210,032 | ---- | C] () -- C:\windows\System32\DBCLIENT.DLL [2009/11/03 19:08:37 | 000,047,104 | ---- | C] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/10/31 14:55:27 | 000,138,056 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\PnkBstrK.sys [2009/10/31 14:55:10 | 002,250,024 | ---- | C] () -- C:\windows\System32\pbsvc.exe [2009/10/31 12:05:27 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll [2009/10/30 13:54:16 | 006,092,849 | -H-- | C] () -- C:\Users\Rafał\AppData\Local\IconCache.db [2009/10/30 13:50:28 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini [2009/10/30 13:43:20 | 000,148,264 | ---- | C] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT [2009/10/30 13:37:20 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2009/09/28 19:14:04 | 000,734,536 | ---- | C] () -- C:\windows\System32\perfh015.dat [2009/09/28 19:14:04 | 000,337,158 | ---- | C] () -- C:\windows\System32\perfi015.dat [2009/09/28 19:14:04 | 000,148,904 | ---- | C] () -- C:\windows\System32\perfc015.dat [2009/09/28 19:14:04 | 000,038,710 | ---- | C] () -- C:\windows\System32\perfd015.dat [2009/09/28 19:00:26 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe [2009/09/28 19:00:26 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe [2009/09/28 18:28:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2009/09/28 09:22:00 | 000,315,392 | ---- | C] () -- C:\windows\System32\drivers\yk62x86.sys [2009/09/28 03:11:13 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe [2009/09/28 02:42:20 | 000,311,296 | ---- | C] () -- C:\windows\System32\Rezip.exe [2009/07/26 21:06:02 | 001,654,586 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI [2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009/07/14 05:33:53 | 004,006,440 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT [2009/07/14 03:05:48 | 000,653,898 | ---- | C] () -- C:\windows\System32\perfh009.dat [2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat [2009/07/14 03:05:48 | 000,121,090 | ---- | C] () -- C:\windows\System32\perfc009.dat [2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat [2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT [2009/07/14 03:04:57 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini [2009/07/14 03:04:23 | 000,000,545 | ---- | C] () -- C:\windows\win.ini [2009/07/14 03:04:23 | 000,000,219 | ---- | C] () -- C:\windows\system.ini [2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat [2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin [2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin [2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin [2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin [2009/07/13 22:41:56 | 000,053,552 | ---- | C] () -- C:\windows\System32\dosx.exe [2009/07/13 22:41:05 | 000,000,718 | ---- | C] () -- C:\windows\System32\mscdexnt.exe [2009/07/13 22:41:04 | 000,002,842 | ---- | C] () -- C:\windows\System32\redir.exe [2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\share.exe [2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\fastopen.exe [2009/07/13 22:41:01 | 000,019,694 | ---- | C] () -- C:\windows\System32\GRAPHICS.COM [2009/07/13 22:40:59 | 000,014,710 | ---- | C] () -- C:\windows\System32\KB16.COM [2009/07/13 22:40:57 | 000,007,052 | ---- | C] () -- C:\windows\System32\nlsfunc.exe [2009/07/13 22:40:57 | 000,001,131 | ---- | C] () -- C:\windows\System32\LOADFIX.COM [2009/07/13 22:40:56 | 000,039,274 | ---- | C] () -- C:\windows\System32\mem.exe [2009/07/13 22:40:54 | 000,011,753 | ---- | C] () -- C:\windows\System32\setver.exe [2009/07/13 22:40:52 | 000,020,634 | ---- | C] () -- C:\windows\System32\debug.exe [2009/07/13 22:40:51 | 000,008,424 | ---- | C] () -- C:\windows\System32\exe2bin.exe [2009/07/13 22:40:50 | 000,012,642 | ---- | C] () -- C:\windows\System32\edlin.exe [2009/07/13 22:40:49 | 000,012,498 | ---- | C] () -- C:\windows\System32\append.exe [2009/07/13 22:40:48 | 000,050,648 | ---- | C] () -- C:\windows\System32\COMMAND.COM [2009/07/13 22:40:44 | 000,027,097 | ---- | C] () -- C:\windows\System32\country.sys [2009/07/13 22:40:43 | 000,042,809 | ---- | C] () -- C:\windows\System32\KEY01.SYS [2009/07/13 22:40:43 | 000,042,537 | ---- | C] () -- C:\windows\System32\KEYBOARD.SYS [2009/07/13 22:40:41 | 000,009,029 | ---- | C] () -- C:\windows\System32\ANSI.SYS [2009/07/13 22:40:40 | 000,004,768 | ---- | C] () -- C:\windows\System32\HIMEM.SYS [2009/07/13 22:40:39 | 000,029,274 | ---- | C] () -- C:\windows\System32\NTDOS412.SYS [2009/07/13 22:40:35 | 000,029,370 | ---- | C] () -- C:\windows\System32\NTDOS411.SYS [2009/07/13 22:40:31 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS404.SYS [2009/07/13 22:40:27 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS804.SYS [2009/07/13 22:40:23 | 000,027,866 | ---- | C] () -- C:\windows\System32\NTDOS.SYS [2009/07/13 22:40:19 | 000,035,536 | ---- | C] () -- C:\windows\System32\NTIO412.SYS [2009/07/13 22:40:17 | 000,035,776 | ---- | C] () -- C:\windows\System32\NTIO411.SYS [2009/07/13 22:40:15 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO404.SYS [2009/07/13 22:40:13 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO804.SYS [2009/07/13 22:40:11 | 000,033,952 | ---- | C] () -- C:\windows\System32\NTIO.SYS [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\System32\msjetoledb40.dll [2009/07/13 21:29:46 | 000,013,312 | ---- | C] () -- C:\windows\System32\win87em.dll [2009/06/18 19:29:04 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat [2009/06/10 22:42:32 | 000,069,886 | ---- | C] () -- C:\windows\System32\edit.com [2009/06/10 22:39:59 | 000,060,124 | ---- | C] () -- C:\windows\System32\tcpmon.ini [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat [2009/04/22 00:19:06 | 000,172,173 | ---- | C] () -- C:\windows\System32\xlive.dll.cat [color=#E56717]========== LOP Check ==========[/color] [2009/10/31 10:11:39 | 000,000,000 | -HSD | M] -- C:\Users\Rafał\AppData\Roaming\.# [2010/06/28 09:55:22 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\AnvSoft [2010/07/10 17:19:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Ashampoo [2011/03/03 20:24:07 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Autodesk [2010/12/18 21:35:13 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\BatteryCare [2009/12/06 14:51:50 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DAEMON Tools Lite [2011/03/15 08:50:16 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Dropbox [2010/12/05 19:28:57 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Efficient Sticky Notes [2011/01/14 11:13:19 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\EuroTalk [2010/01/01 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu [2010/01/01 13:33:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu 10 [2010/07/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gmail Notifier Plus [2010/01/09 15:58:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\ipla [2009/10/31 12:42:42 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Leadertech [2009/11/02 11:51:06 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu [2009/11/02 12:42:14 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\OpenFM [2010/06/24 11:48:32 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\PC Suite [2010/06/30 21:17:58 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\r2 Studios [2009/10/31 14:47:31 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Red Alert 3 [2010/11/29 13:34:37 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Stardock [2011/01/20 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thinstall [2010/02/27 14:44:05 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thunderbird [2011/03/13 22:02:19 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\uTorrent [2010/11/22 10:53:45 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Xerox [2011/03/15 08:28:19 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011/03/05 19:57:30 | 000,000,304 | -HS- | M] () -- C:\Windows\Tasks\Vwclnspa.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2011/03/15 08:28:09 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys [2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011/03/15 08:28:14 | 3215,577,088 | -HS- | M] () -- C:\pagefile.sys [2009/09/28 02:37:48 | 000,002,003 | ---- | M] () -- C:\RHDSetup.log [2009/09/28 03:09:41 | 000,000,166 | ---- | M] () -- C:\Setup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:ABE89FFE < End of report > [/log]
Tomek01 komentarz 16 marca 2011 komentarz 16 marca 2011 Wrzuć jeszcze log z RSIT, ale wstaw je w tagi !!!
raasky komentarz 16 marca 2011 Autor komentarz 16 marca 2011 (edytowane) dodaje log z RSIT [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Rafał at 2011-03-16 17:11:42 Microsoft Windows 7 Home Premium System drive C: has 9 GB (18%) free of 46 GB Total RAM: 3067 MB (57% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:34:09, on 2011-03-16 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\A4Tech\Mouse\Amoumain.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Rafał\Desktop\Programy\Gmail Notifier Plus.exe C:\Users\Rafał\Desktop\RSIT.exe C:\Program Files\trend micro\Rafał.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ˙ţ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [YouCam Mirage] "d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe" O4 - HKLM\..\Run: [YouCam Tray] "d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe" /s O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Startup: Dropbox.lnk = ? O4 - Startup: Update.lnk = C:\Windows\System32\rundll32.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe O15 - Trusted Zone: http://print.viauc.dk O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit (mi-raysat_3dsmax2011_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 10995 bytes ======Scheduled tasks folder====== C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job C:\windows\tasks\Vwclnspa.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-02 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-19 7711264] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-15 1541416] "StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2009-03-08 73728] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2008-03-06 241664] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768] "EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272] "hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648] "SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "YouCam Mirage"=d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe [2010-08-20 136488] "YouCam Tray"=d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe [2011-01-19 162912] "Adobe Acrobat Speed Launcher"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760] "Acrobat Assistant 8.0"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144] "QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088] "Google Update"=C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 136176] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe Update.lnk - C:\Windows\System32\rundll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .scr - open - C:\windows\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2011-03-16 17:11:42 ----D---- C:\rsit 2011-03-16 17:11:42 ----D---- C:\Program Files\trend micro 2011-03-15 10:51:46 ----D---- C:\windows\XSxS 2011-03-15 10:51:46 ----D---- C:\Program Files\Xenocode 2011-03-05 19:47:41 ----D---- C:\windows\system32\Wat 2011-03-05 19:42:27 ----A---- C:\windows\system32\drivers\sffp_sd.sys 2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\usbvideo.sys 2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\ks.sys 2011-03-05 19:42:21 ----A---- C:\windows\system32\wcncsvc.dll 2011-03-05 19:42:14 ----A---- C:\windows\system32\mshtml.dll 2011-03-05 19:42:10 ----A---- C:\windows\system32\iertutil.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\mstime.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeedsbs.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeeds.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\licmgr10.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\iedkcs32.dll 2011-03-05 19:42:08 ----A---- C:\windows\system32\mshtmled.dll 2011-03-05 19:42:08 ----A---- C:\windows\system32\msfeedssync.exe 2011-03-05 19:42:08 ----A---- C:\windows\system32\iepeers.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\mf.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\FntCache.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\DWrite.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\d3d10warp.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\d2d1.dll 2011-03-05 19:41:45 ----A---- C:\windows\system32\WMVDECOD.DLL 2011-03-05 19:41:45 ----A---- C:\windows\system32\mfreadwrite.dll 2011-03-05 19:41:45 ----A---- C:\windows\system32\ExplorerFrame.dll 2011-03-05 19:41:45 ----A---- C:\windows\system32\d3d10_1core.dll 2011-03-05 19:41:44 ----A---- C:\windows\system32\XpsRasterService.dll 2011-03-05 19:41:43 ----A---- C:\windows\system32\upnp.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\wininet.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\urlmon.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\msxml6.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\ieframe.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\wscsvc.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\wscapi.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\winhttp.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\WebClnt.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\slwga.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\msxml3.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\jsproxy.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\ieui.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\davclnt.dll 2011-03-05 19:41:37 ----A---- C:\windows\system32\tzres.dll 2011-03-05 19:41:33 ----A---- C:\windows\system32\ntoskrnl.exe 2011-03-05 19:41:33 ----A---- C:\windows\system32\ntkrnlpa.exe 2011-03-05 19:41:33 ----A---- C:\windows\system32\ntdll.dll 2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc_isv.dll 2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc.dll 2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp_isv.dll 2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp.dll 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp.exe 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_isv.exe 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate.exe 2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsPrint.dll 2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsGdiConverter.dll 2011-03-05 19:41:29 ----A---- C:\windows\system32\odbc32.dll 2011-03-05 19:41:29 ----A---- C:\windows\system32\kerberos.dll 2011-03-05 19:41:28 ----A---- C:\windows\system32\consent.exe 2011-03-05 19:41:27 ----A---- C:\windows\system32\wmicmiplugin.dll 2011-03-05 19:41:27 ----A---- C:\windows\system32\taskschd.dll 2011-03-05 19:41:27 ----A---- C:\windows\system32\taskeng.exe 2011-03-05 19:41:27 ----A---- C:\windows\system32\taskcomp.dll 2011-03-05 19:41:27 ----A---- C:\windows\system32\schtasks.exe 2011-03-05 19:41:27 ----A---- C:\windows\system32\schedsvc.dll 2011-03-05 19:41:26 ----A---- C:\windows\system32\oleaut32.dll 2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\fvevol.sys 2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\Diskdump.sys 2011-03-05 19:41:25 ----A---- C:\windows\system32\win32k.sys 2011-03-05 19:41:24 ----A---- C:\windows\system32\webio.dll 2011-03-05 19:41:24 ----A---- C:\windows\system32\atmlib.dll 2011-03-05 19:41:24 ----A---- C:\windows\system32\atmfd.dll 2011-03-05 19:41:22 ----A---- C:\windows\system32\CPFilters.dll 2011-03-05 19:41:21 ----A---- C:\windows\system32\psisdecd.dll 2011-03-05 19:41:21 ----A---- C:\windows\system32\msdri.dll 2011-03-05 19:41:19 ----A---- C:\windows\system32\vbscript.dll 2011-03-05 19:41:19 ----A---- C:\windows\system32\jscript.dll 2011-03-05 19:40:49 ----A---- C:\windows\system32\d3d10_1.dll 2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgmms1.sys 2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgkrnl.sys 2011-03-05 19:39:28 ----A---- C:\windows\system32\cdd.dll 2011-03-05 17:48:07 ----D---- C:\Users\Rafał\AppData\Roaming\Malwarebytes 2011-03-05 17:48:02 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys 2011-03-05 17:48:00 ----D---- C:\ProgramData\Malwarebytes 2011-03-05 17:47:57 ----A---- C:\windows\system32\drivers\mbam.sys 2011-03-03 23:34:31 ----A---- C:\windows\system32\5e6c9151.exe 2011-03-03 23:25:44 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2011-03-03 23:22:22 ----D---- C:\Program Files\Adobe Media Player 2011-03-03 23:20:58 ----D---- C:\Program Files\Common Files\Adobe AIR 2011-03-03 15:45:20 ----D---- C:\windows\system32\Adobe 2011-03-03 14:48:13 ----D---- C:\ProgramData\ASGVIS 2011-03-01 21:18:04 ----D---- C:\windows\Freecorder 2011-02-27 10:38:58 ----D---- C:\Program Files\Common Files\Skype ======List of files/folders modified in the last 1 months====== 2011-03-16 17:25:40 ----D---- C:\Users\Rafał\AppData\Roaming\Skype 2011-03-16 17:11:42 ----RD---- C:\Program Files 2011-03-16 17:08:26 ----D---- C:\Users\Rafał\AppData\Roaming\Dropbox 2011-03-16 17:07:15 ----D---- C:\windows\Temp 2011-03-16 17:06:17 ----D---- C:\Users\Rafał\AppData\Roaming\skypePM 2011-03-16 17:04:54 ----D---- C:\Program Files\Common Files\Akamai 2011-03-16 17:04:10 ----HD---- C:\Config.Msi 2011-03-15 22:07:33 ----D---- C:\Users\Rafał\AppData\Roaming\uTorrent 2011-03-15 22:05:21 ----D---- C:\Windows 2011-03-15 21:30:31 ----SHD---- C:\windows\Installer 2011-03-15 21:30:24 ----D---- C:\Program Files\Internet Explorer 2011-03-15 21:30:02 ----D---- C:\Program Files\Common Files\Apple 2011-03-15 21:30:00 ----D---- C:\windows\System32 2011-03-15 20:17:54 ----D---- C:\Program Files\Adobe 2011-03-15 20:14:23 ----D---- C:\Program Files\Common Files\Adobe 2011-03-15 20:14:11 ----D---- C:\windows\system32\DriverStore 2011-03-15 20:14:11 ----D---- C:\windows\inf 2011-03-15 20:11:41 ----RSD---- C:\windows\Fonts 2011-03-15 10:54:02 ----D---- C:\ProgramData\Microsoft Help 2011-03-15 10:54:02 ----A---- C:\windows\win.ini 2011-03-15 08:32:20 ----D---- C:\windows\system32\NDF 2011-03-12 23:12:23 ----D---- C:\windows\system32\drivers 2011-03-12 23:12:23 ----D---- C:\windows\ShellNew 2011-03-12 16:44:01 ----SHD---- C:\System Volume Information 2011-03-11 14:53:39 ----D---- C:\windows\system32\catroot 2011-03-11 14:53:36 ----HD---- C:\Program Files\InstallShield Installation Information 2011-03-11 14:53:08 ----AD---- C:\ProgramData\Temp 2011-03-11 14:35:54 ----D---- C:\ProgramData\CyberLink 2011-03-11 14:28:14 ----D---- C:\Program Files\Common Files 2011-03-11 14:12:03 ----D---- C:\Program Files\CyberLink 2011-03-11 13:26:22 ----D---- C:\Users\Rafał\AppData\Roaming\CyberLink 2011-03-10 13:55:06 ----A---- C:\windows\system32\PerfStringBackup.INI 2011-03-10 09:53:05 ----SD---- C:\Users\Rafał\AppData\Roaming\Microsoft 2011-03-07 22:10:32 ----D---- C:\windows\system32\wdi 2011-03-06 18:11:21 ----A---- C:\windows\NeroDigital.ini 2011-03-05 20:25:24 ----D---- C:\windows\Microsoft.NET 2011-03-05 20:24:34 ----RSD---- C:\windows\assembly 2011-03-05 19:53:24 ----D---- C:\windows\system32\config 2011-03-05 19:49:55 ----D---- C:\windows\winsxs 2011-03-05 19:47:44 ----D---- C:\windows\system32\pl-PL 2011-03-05 19:47:44 ----D---- C:\windows\ehome 2011-03-05 19:47:44 ----D---- C:\Program Files\Windows Mail 2011-03-05 19:47:43 ----D---- C:\windows\AppPatch 2011-03-05 19:47:42 ----D---- C:\windows\system32\migration 2011-03-05 19:42:27 ----D---- C:\windows\system32\catroot2 2011-03-05 18:12:07 ----D---- C:\windows\Prefetch 2011-03-05 17:48:00 ----HD---- C:\ProgramData 2011-03-05 17:42:25 ----D---- C:\windows\system32\drivers\etc 2011-03-05 17:37:15 ----D---- C:\windows\system32\Tasks 2011-03-03 23:49:18 ----D---- C:\Users\Rafał\AppData\Roaming\Adobe 2011-03-03 23:47:57 ----D---- C:\ProgramData\FLEXnet 2011-03-03 23:45:32 ----D---- C:\ProgramData\Adobe 2011-03-03 23:34:20 ----D---- C:\Users\Rafał\AppData\Roaming\WinRAR 2011-03-03 23:33:48 ----D---- C:\windows\Tasks 2011-03-03 20:24:07 ----D---- C:\Users\Rafał\AppData\Roaming\Autodesk 2011-03-03 20:24:07 ----D---- C:\ProgramData\Autodesk 2011-03-03 14:44:09 ----D---- C:\Program Files\Autodesk 2011-03-03 14:09:16 ----D---- C:\windows\Downloaded Program Files ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R1 Amfilter;A4Tech Mouse Filter Driver; C:\windows\system32\DRIVERS\Amfilter.sys [2007-01-25 8704] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2010-12-22 135096] R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-09-16 214664] R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 10752] R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2010-12-04 61960] R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560] R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2010-08-20 27632] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-08-19 2752352] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328] R3 rtl819xp;Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-) Realtek RTL8190/RTL8192E 802.11n; C:\windows\system32\DRIVERS\rtl819xp.sys [2010-02-01 557088] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-15 212656] R3 VMC326;Vimicro Camera Service VMC326; C:\windows\System32\Drivers\VMC326.sys [2009-08-10 237696] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336] S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-21 1161760] S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\windows\system32\DRIVERS\Amusbprt.sys [2007-12-26 14336] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816] S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704] S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880] S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864] S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176] S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480] S3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2009-09-16 79816] S3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2009-09-16 35272] S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2009-09-16 34248] S3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2009-09-16 40552] S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176] S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776] S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192] S3 usbscan;Sterownik skanera USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-07-14 27648] S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192] S3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2009-05-23 29696] S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944] S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-28 14336] R2 Akamai;Akamai NetSession Interface; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-18 176128] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-12 267944] R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit; D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016] R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys [2010-11-01 532480] R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] R2 yksvc;Marvell Yukon Service; C:\windows\System32\svchost.exe [2009-07-14 20992] R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 20992] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-04 136176] S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-05 1322648] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-26 1045256] S3 fsssvc;Funkcja Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840] S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-05 1343400] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272] S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544] -----------------EOF----------------- [/log] [log]info.txt logfile of random's system information tool 1.08 2011-03-16 17:34:12 ======Uninstall list====== -->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} µTorrent-->"d:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {94A4609B-0414-4427-81F3-0FD282A2D0D3} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4} 2X-Office 7.80-->C:\Program Files\A4Tech\Mouse\Uninst32.exe 32 Bit HP CIO Components Installer-->MsiExec.exe /I{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D} AC3Filter 1.63b-->"C:\Program Files\AC3Filter\unins000.exe" Adobe Acrobat X Pro - English, Français, Deutsch-->MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000005} Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF} Adobe After Effects CS4-->C:\Program Files\Common Files\Adobe\Installers\3dcb365ab9e01871fb8c6f27b0ea079\Setup.exe --uninstall=1 Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8} Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8} Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0} Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191} Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500} Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683} Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A} Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D} Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5} Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972} Adobe Flash Player 10 Plugin-->C:\windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4} Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E} Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15} Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A} Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353} Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}" Adobe Setup-->MsiExec.exe /I{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424} Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230} Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755} Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739} Akamai NetSession Interface-->C:\Program Files\Common Files\Akamai\uninstall.exe AnyPC Client-->C:\Program Files\InstallShield Installation Information\{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}\setup.exe Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} ArchiCAD Essentials Interactive Training Guide-->d:\Program Files\Graphisoft\ArchiCAD Essentials ITG\Uninstall.TGE\uninstaller.exe Archiwizator WinRAR-->D:\Program Files\WinRAR\uninstall.exe Ashampoo Burning Studio 10.0.1-->"d:\Program Files\Ashampoo\Ashampoo Burning Studio 10\unins000.exe" Asystent rejestracji usługi Windows Live-->MsiExec.exe /I{51958BA7-21E4-4A8B-9098-CD8375BD17B2} Atheros Client Installation Program-->"C:\Program Files\InstallShield Installation Information\{D1434266-0486-4469-B338-A60082CC04E1}\setup.exe" -runfromtemp -l0x0009 -removeonly ATI Catalyst Install Manager-->msiexec /q/x{B15A87DC-46AC-D726-E2F5-06A3D5F35C06} REBOOT=ReallySuppress Audacity 1.2.6-->"d:\Program Files\Audacity\unins000.exe" AutoCAD 2011 - English-->C:\Program Files\Autodesk\AutoCAD 2011\Setup\Setup.exe /P {5783F2D7-9001-0409-0002-0060B0CE6BBA} /M ACAD /language en-US AutoCAD 2011 - English-->C:\Program Files\Autodesk\AutoCAD 2011\Setup\Setup.exe /P {5783F2D7-9001-0409-0002-0060B0CE6BBA} /M ACAD /language en-US Autodesk 3ds Max 2011 32-bit Components-->MsiExec.exe /I{99F80251-DAE8-0409-BD08-DCBBEF56B8CB} Autodesk 3ds Max 2011 32-bit-->MsiExec.exe /I{67574624-BF0F-0409-AF6D-19FBD86FF7F7} Autodesk Backburner 2008.1-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379} Autodesk Design Review 2011-->D:\Program Files\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {8D20B4D7-3422-4099-9332-39F27E617A6F} /M ADR Autodesk FBX Plug-in 2011.1 - 3ds Max 2011-->C:\Program Files\Autodesk\FBX\FBXPlugins\2011.1\3ds Max 2011\Uninstall.exe Autodesk Material Library 2011 Base Image library-->MsiExec.exe /I{CD1E078C-A6B9-47DA-B035-6365C85C7832} Autodesk Material Library 2011 Medium Image library-->MsiExec.exe /I{975951E7-14D0-49AF-A630-89680D12D7F6} Autodesk Material Library 2011-->MsiExec.exe /I{9DEABCB6-B759-4D52-92F8-51B34A2B4D40} Autodesk Revit Architecture 2011 x86 Update 2-->Msiexec.exe /uninstall {4E133AB3-138F-40C9-9CB3-ED32DE045FA0} /package {4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23} /qb FILESINUSETEXT="" Autodesk Revit Architecture 2011-->D:\Program Files\Autodesk\Revit Architecture 2011\Program\Setup\Setup.exe /P {4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23} /M REVIT /language en-US Autodesk Revit Architecture 2011-->MsiExec.exe /X{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManager\unins000.exe" AVS Video Converter 6-->"d:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe" AVS4YOU Software Navigator 1.4-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe" BatteryCare-->MsiExec.exe /I{A2F34AF5-E329-444C-BD1B-137637AB23AD} BatteryLifeExtender-->MsiExec.exe /I{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7} Be06v4-->C:\windows\IsUninst.exe -f"C:\Program Files\SBi\Be06\4,8,2,20\Uninst.isu" Bezpieczeństwo rodzinne usługi Windows Live-->MsiExec.exe /X{F88335A8-CA7B-41DE-B37D-81306C73B507} Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {4ac40384-37ba-421c-b14c-2ecbe4403817} Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007-->MsiExec.exe /X{4AC40384-37BA-421C-B14C-2ECBE4403817} Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.5 Patch-->C:\Program Files\InstallShield Installation Information\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) - World at War(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}\setup.exe -runfromtemp -l0x0409 ChargeableUSB-->"C:\Program Files\InstallShield Installation Information\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}\setup.exe" -runfromtemp -l0x0009Remove -removeonly Composite 2011-->MsiExec.exe /I{6406E3EA-9777-45B7-A0C0-89741E629352} Contextual Tool Yourprofitclub-->C:\windows\system32\5e6c9151.exe Crypt4Free-->MsiExec.exe /I{A1802E07-1CC7-4CD1-AFBF-E2CC94B99046} CutePDF Writer 2.8-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall Easy Display Manager-->"C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -runfromtemp -l0x0009 -removeonly Easy Network Manager-->MsiExec.exe /I{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2} Easy SpeedUp Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF367AA4-070B-493C-9575-85BE59D789C9}\setup.exe" -l0x9 Remove EasyBatteryManager-->"C:\Program Files\InstallShield Installation Information\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}\setup.exe" -runfromtemp -l0x0009 -removeonly Edraw Max 5.2-->"d:\Program Files\Edraw Max\unins000.exe" EngiLab Beam.2D ML v1.20-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\EngiLab Beam.2D ML\ST6UNST.LOG" eReg-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} FARO LS 1.1.406.58-->MsiExec.exe /I{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C} FastStone Capture 5.3-->d:\Program Files\FastStone Capture\uninst.exe Fences-->"C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe" REMOVE=TRUE MODIFY=FALSE Fences-->C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe Gadu-Gadu 10-->d:\Program Files\Gadu-Gadu 10\Uninstall.exe Galeria fotografii usługi Windows Live-->MsiExec.exe /X{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB} Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008} Google SketchUp Pro 7-->MsiExec.exe /X{CA9483A2-742A-4A72-881D-B81C6B1ACB3E} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000B8301} HDD Health v3.3 Beta-->"d:\Program Files\HDD Health\unins000.exe" Heroes of Might and Magic® III-->C:\windows\IsUn0415.exe -f"d:\Program Files\3DO\Heroes3\Uninst.isu" -c"d:\Program Files\3DO\Heroes3\uninst.dll Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" HP Customer Participation Program 13.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot HP Imaging Device Functions 13.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart All-In-One Driver Software 13.0 Rel. A-->C:\Program Files\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot HP Smart Web Printing 4.60-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4} Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} K-Lite Codec Pack 6.8.0 (Full)-->"d:\Program Files\K-Lite Codec Pack\unins000.exe" Logitech SetPoint 6.20-->C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe Magic ISO Maker v5.5 (build 0265)-->D:\PROGRA~1\MagicISO\UNWISE.EXE D:\PROGRA~1\MagicISO\INSTALL.LOG Malwarebytes' Anti-Malware-->"d:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6} Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40415-6000-11D3-8CFE-0150048383C9} Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE} Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE} Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE} Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE} Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE} Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE} Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE} Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE} Microsoft Save as PDF Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B0-0409-0000-0000000FF1CE} Microsoft Save as XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B1-0409-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F} Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove Microsoft SQL Server Native Client-->MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D} Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE} Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729-->MsiExec.exe /X{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64} Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729-->MsiExec.exe /X{14866AAD-1F23-39AC-A62B-7091ED1ADE64} Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729-->MsiExec.exe /X{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D} Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729-->MsiExec.exe /X{4B90093A-5D9C-3956-8ABB-95848BE6EFAD} Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} Microsoft Visual Studio Tools for Applications 2.0 Runtime-->MsiExec.exe /X{299C0434-4F4E-341F-A916-4E07AEB35E79} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} Mozilla Firefox (3.6.15)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (3.0.1)-->d:\Program Files\Mozilla Thunderbird\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Namuga 1.3M Webcam-->C:\Program Files\InstallShield Installation Information\{71A51B59-E7D3-11DB-A386-005056C00008}\setup.exe -runfromtemp -l0x0009 -removeonly NapiProjekt 1.0.6.5-->"d:\Program Files\NAPI-PROJEKT\unins000.exe" Narzędzie do przekazywania usługi Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514} Nokia Software Updater-->MsiExec.exe /X{09C468CA-2940-466A-AAE8-DCC0C6E9323C} NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} OCR Software by I.R.I.S. 13.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf PC Connectivity Solution-->MsiExec.exe /I{DCD22647-6D31-479D-8F97-16D0AA934D9E} PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392} PDFill PDF Editor with FREE Writer and FREE Tools-->MsiExec.exe /I{D1399216-81B2-457C-A0F7-73B9A2EF6902} PDF-Viewer-->"d:\Program Files\Tracker Software\PDF Viewer\unins000.exe" Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8} Picasa 3-->"d:\Program Files\Google\Picasa3\Uninstall.exe" Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9} Poczta usługi Windows Live-->MsiExec.exe /I{C35FE07E-24B5-410F-85B7-122087A0C7DD} Podstawowe programy Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{9862473C-E063-4C68-A161-2CDE0E8048A5} Polskie Normy i prawo budowlane-->"d:\Program Files\Aslan Wydawnictwa Elektroniczne\PNPB\unins000.exe" QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} Real Alternative 2.0.1-->"d:\Program Files\Real Alternative\unins000.exe" Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly REALTEK Wireless LAN Software-->C:\Program Files\InstallShield Installation Information\{F2BC3383-F000-410C-A038-3846ADBE8D90}\Install.exe -uninst -l0x9 Samsung Recovery Solution 4-->"C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x0009 -removeonly Samsung Support Center-->MsiExec.exe /I{4D2121FE-5CCC-4D47-B3A0-BF56045A5099} Samsung Update Plus-->"C:\Program Files\InstallShield Installation Information\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}\Setup.exe" -runfromtemp -l0x0009 -removeonly Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Składniki łączności pakietu Microsoft Office Small Business-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D} Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" StarCraft II-->C:\Program Files\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434} Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Twierdza Krzyżowiec-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\setup.exe" -l0x15 User Guide-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe" -l0x9 Remove Virtual DJ - Atomix Productions-->D:\PROGRA~1\VIRTUA~1\UNWISE.EXE D:\PROGRA~1\VIRTUA~1\INSTALL.LOG Virtual DJ 5.2 (Crack v2)-->d:\Program Files\VirtualDJ\Uninstal Crack VirtualDJ.exe Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\windows\system32\msiexec.exe /x {04B34E21-5BEE-3D2B-8D3D-E3E80D253F64} /qb+ REBOOTPROMPT="" Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\windows\system32\msiexec.exe /x {14866AAD-1F23-39AC-A62B-7091ED1ADE64} /qb+ REBOOTPROMPT="" Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\windows\system32\msiexec.exe /x {4B90093A-5D9C-3956-8ABB-95848BE6EFAD} /qb+ REBOOTPROMPT="" Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\windows\system32\msiexec.exe /x {B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D} /qb+ REBOOTPROMPT="" V-Ray for SketchUp-->D:\Program Files\Google\Google SketchUp 7\uninstall.exe Winamp-->"d:\Program Files\Winamp\UninstWA.exe" Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{D1803CD4-0CE7-4484-98E3-88D7A2D629A4} Windows Live Movie Maker-->MsiExec.exe /X{6053FE9B-5473-41D6-AEBF-AD6F98138191} Windows Live Sync-->MsiExec.exe /X{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4} Windows Live Writer-->MsiExec.exe /X{9AB614A6-719C-4A6E-A63E-831E0A35F62A} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Wise Disk Cleaner 4.84-->"d:\Program Files\Wise Disk Cleaner\unins000.exe" Wise Registry Cleaner 4 Free 4.92-->"d:\Program Files\Wise Registry Cleaner\unins000.exe" ======Hosts File====== ::1 localhost ??????????????? ======System event log====== Computer Name: Notebook Event Code: 7036 Message: Usługa Usługa profilów użytkowników weszła w stan zatrzymania. Record Number: 145672 Source Name: Service Control Manager Time Written: 20101125081908.567396-000 Event Type: Informacje User: Computer Name: Notebook Event Code: 7036 Message: Usługa SBSD Security Center Service weszła w stan zatrzymania. Record Number: 145671 Source Name: Service Control Manager Time Written: 20101125081908.567396-000 Event Type: Informacje User: Computer Name: Notebook Event Code: 7036 Message: Usługa Rezip weszła w stan zatrzymania. Record Number: 145670 Source Name: Service Control Manager Time Written: 20101125081908.567396-000 Event Type: Informacje User: Computer Name: Notebook Event Code: 7036 Message: Usługa Agent zasad IPsec weszła w stan zatrzymania. Record Number: 145669 Source Name: Service Control Manager Time Written: 20101125081908.567396-000 Event Type: Informacje User: Computer Name: Notebook Event Code: 7036 Message: Usługa Zasilanie weszła w stan zatrzymania. Record Number: 145668 Source Name: Service Control Manager Time Written: 20101125081908.567396-000 Event Type: Informacje User: =====Application event log===== Computer Name: Notebook Event Code: 4625 Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 762 Source Name: Microsoft-Windows-EventSystem Time Written: 20091030112444.000000-000 Event Type: Informacje User: Computer Name: Notebook Event Code: 1532 Message: Usługa profilów użytkowników została zatrzymana. Record Number: 761 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20091024190918.257226-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: WIN-R3U1IKQ8BS9 Event Code: 1003 Message: Usługa Windows Search została uruchomiona. Record Number: 760 Source Name: Microsoft-Windows-Search Time Written: 20091024190911.000000-000 Event Type: Informacje User: Computer Name: WIN-R3U1IKQ8BS9 Event Code: 1013 Message: Usługa Windows Search została normalnie zatrzymana. Record Number: 759 Source Name: Microsoft-Windows-Search Time Written: 20091024190910.000000-000 Event Type: Informacje User: Computer Name: WIN-R3U1IKQ8BS9 Event Code: 103 Message: Windows (3908) Windows: Aparat bazy danych zatrzymał wystąpienie (0). Record Number: 758 Source Name: ESENT Time Written: 20091024190910.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: Notebook Event Code: 5058 Message: Operacja na pliku klucza. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: NOTEBOOK$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Parametry funkcji kryptograficznej: Nazwa dostawcy: Microsoft Software Key Storage Provider Nazwa algorytmu: Niedostępne. Nazwa klucza: {0CC2745F-B2DD-4A5B-94B1-83713BA42210} Typ klucza: Klucz komputera. Informacje dotyczące operacji na pliku klucza: Ścieżka do pliku: C:\ProgramData\Microsoft\Crypto\Keys\ffa33b28821a8c43d0c9613a8048513e_5099e073-6a8d-4de8-89d1-12547431df07 Operacja: Odczytaj trwały klucz z pliku. Kod powrotny: 0x0 Record Number: 33610 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100926094519.876424-000 Event Type: Sukcesy inspekcji User: Computer Name: Notebook Event Code: 5061 Message: Operacja kryptograficzna. Podmiot: Identyfikator zabezpieczeń: S-1-5-19 Nazwa konta: USŁUGA LOKALNA Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e5 Parametry funkcji kryptograficznej: Nazwa dostawcy: Microsoft Software Key Storage Provider Nazwa algorytmu: RSA Nazwa klucza: d0df6ec9-960a-463b-b22c-230eef8e0a23 Typ klucza: Klucz komputera. Operacja kryptograficzna: Operacja: Otwórz klucz. Kod powrotny: 0x0 Record Number: 33609 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100926094455.807383-000 Event Type: Sukcesy inspekcji User: Computer Name: Notebook Event Code: 5058 Message: Operacja na pliku klucza. Podmiot: Identyfikator zabezpieczeń: S-1-5-19 Nazwa konta: USŁUGA LOKALNA Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e5 Parametry funkcji kryptograficznej: Nazwa dostawcy: Microsoft Software Key Storage Provider Nazwa algorytmu: Niedostępne. Nazwa klucza: d0df6ec9-960a-463b-b22c-230eef8e0a23 Typ klucza: Klucz komputera. Informacje dotyczące operacji na pliku klucza: Ścieżka do pliku: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4db6c7e4a6bed471c59a97230de02070_5099e073-6a8d-4de8-89d1-12547431df07 Operacja: Odczytaj trwały klucz z pliku. Kod powrotny: 0x0 Record Number: 33608 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100926094455.806383-000 Event Type: Sukcesy inspekcji User: Computer Name: Notebook Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 33607 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100926094428.212110-000 Event Type: Sukcesy inspekcji User: Computer Name: Notebook Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: NOTEBOOK$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x260 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 33606 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100926094428.212110-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Common Files\Autodesk Shared\;D:\Program Files\Autodesk\Backburner\;D:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=170a "3DSMAX_2011_PATH"=D:\Program Files\Autodesk\3ds Max 2011\ "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- [/log]
Tomek01 komentarz 16 marca 2011 komentarz 16 marca 2011 Dziwna sprawa do zbadania, Plik startujący z Update.Ink "ściąga" zainfekowany plik do folderu System32 a jak widać w rejestrze jest to usługa rundll32.exe [code]C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Update.lnk - C:\Windows\System32\rundll32.exe[/code] jak dla mnie ten plik jest do podmiany z płytki instalacyjnej. W OTL, w oknie Custom scan/fixes wklej: [code]:OTL [2011/03/03 23:34:31 | 000,125,927 | ---- | C] () -- C:\windows\System32\5e6c9151.exe [2011/03/03 23:34:21 | 000,001,023 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.lnk [2011/03/03 23:33:48 | 000,000,304 | -HS- | C] () -- C:\windows\tasks\Vwclnspa.job [2009/10/31 10:11:39 | 000,000,000 | -HSD | M] -- C:\Users\Rafał\AppData\Roaming\.# @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:ABE89FFE :Commands [emptytemp][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url]
raasky komentarz 16 marca 2011 Autor komentarz 16 marca 2011 log z usuwania [log]All processes killed ========== OTL ========== C:\Windows\System32\5e6c9151.exe moved successfully. C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.lnk moved successfully. C:\Windows\Tasks\Vwclnspa.job moved successfully. C:\Users\Rafał\AppData\Roaming\.# folder moved successfully. ADS C:\ProgramData\Temp:ABE89FFE deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: ADMINI~1~VIT User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Rafał ->Temp folder emptied: 253513 bytes ->Temporary Internet Files folder emptied: 1546450 bytes ->Java cache emptied: 6159 bytes ->FireFox cache emptied: 94856049 bytes ->Google Chrome cache emptied: 212123596 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 985 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 10946 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 294.00 mb OTL by OldTimer - Version 3.2.22.3 log created on 03162011_180911 Files\Folders moved on Reboot... Registry entries deleted on Reboot... [/log] nowe OTL [log]OTL logfile created on: 3/16/2011 6:21:58 PM - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 45.28 Gb Total Space | 8.58 Gb Free Space | 18.95% Space Free | Partition Type: NTFS Drive D: | 237.71 Gb Total Space | 25.61 Gb Free Space | 10.77% Space Free | Partition Type: NTFS Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe PRC - [2011/03/13 21:44:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011/03/13 21:44:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011/01/26 17:05:34 | 015,026,056 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/11/09 21:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe PRC - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys PRC - [2010/10/29 00:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe PRC - [2010/10/25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2010/10/15 11:14:26 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe PRC - [2010/10/11 15:49:48 | 000,080,256 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe PRC - [2010/08/21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010/08/20 10:49:04 | 000,136,488 | ---- | M] (CyberLink) -- D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe PRC - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010/08/02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/07/04 11:09:52 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe PRC - [2010/02/26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009/09/20 12:36:12 | 000,270,336 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2009/09/20 12:07:24 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe PRC - [2009/09/20 12:07:24 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2009/08/19 04:15:48 | 007,711,264 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2009/08/18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/07/15 00:14:34 | 000,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2009/07/15 00:14:32 | 001,541,416 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2009/07/14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009/07/14 02:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009/07/14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe PRC - [2009/07/14 02:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009/07/14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009/05/21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe PRC - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe PRC - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe PRC - [2009/01/26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008/03/06 09:12:58 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe PRC - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007/08/24 07:00:48 | 000,033,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2007/05/08 16:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2007/02/10 05:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe MOD - [2010/10/27 05:40:24 | 001,289,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010/07/27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010/06/29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010/04/07 08:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009/12/08 12:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009/12/08 12:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009/07/14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009/07/14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009/07/14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009/07/14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009/07/14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009/07/14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009/07/14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009/07/14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009/07/14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009/07/14 02:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009/07/14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009/07/14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009/07/14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009/07/14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009/07/14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009/07/14 02:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009/07/14 02:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009/07/14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009/07/14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011/03/05 19:42:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011/01/05 10:42:03 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai) SRV - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys -- (PrismXL) SRV - [2010/10/28 11:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2010/08/26 15:32:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/04/27 12:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/09/28 09:22:00 | 000,364,544 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc) SRV - [2009/09/23 16:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio) SRV - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip) SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008/06/05 22:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service) SRV - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/12/22 15:27:35 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010/12/04 15:20:30 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/08/24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2010/08/24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2010/08/20 10:49:06 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd) DRV - [2010/06/17 15:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/02/26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010/02/26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2010/02/01 12:30:32 | 000,557,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl819xp.sys -- (rtl819xp) Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-) DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/08/18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009/08/10 19:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326) DRV - [2009/07/21 23:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007/12/26 02:08:38 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2007/01/25 02:46:50 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66 FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=pl&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/30 13:15:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/03/15 20:13:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011/03/15 21:30:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011/03/15 21:30:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: d:\Program Files\Mozilla Thunderbird\components [2011/03/15 21:30:25 | 000,000,000 | ---D | M] [2011/01/02 08:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions [2010/02/27 14:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\personas@christopher.beard [2011/03/16 17:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions [2011/03/12 13:30:19 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011/02/19 16:16:22 | 000,000,000 | ---D | M] (Easy DragToGo) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{21cfaec0-dbb3-11dc-95ff-0800200c9a66} [2011/01/02 20:22:13 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2011/01/02 20:22:13 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/03/12 13:30:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/01/02 20:14:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/03/12 13:30:19 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2011/01/26 19:41:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011/02/19 16:16:22 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\collector@broceliand.fr [2011/01/02 20:22:13 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\smarterwiki@wikiatic.com [2011/01/02 20:22:12 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\youtube2mp3@mondayx.de O1 HOSTS File: ([2011/03/15 20:09:23 | 000,000,128 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: ㈱⸷⸰⸰‱捡楴慶整愮潤敢挮浯 O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.) O4 - HKLM..\Run: [YouCam Mirage] d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\..Trusted Domains: viauc.dk ([print] http in Zaufane witryny) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.10.10.5 212.10.10.4 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - D:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell - "" = AutoRun O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011/03/16 18:09:11 | 000,000,000 | ---D | C] -- C:\_OTL [2011/03/16 17:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011/03/16 17:11:42 | 000,000,000 | ---D | C] -- C:\rsit [2011/03/15 21:41:46 | 478,024,432 | ---- | C] (Graphisoft R&D) -- C:\Users\Rafał\Desktop\AC14-INT32.exe [2011/03/15 21:41:27 | 504,630,736 | ---- | C] (Graphisoft R&D) -- C:\Users\Rafał\Desktop\AC13-INT32.exe [2011/03/15 21:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/03/15 21:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphisoft [2011/03/15 20:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 [2011/03/15 11:29:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe [2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\windows\XSxS [2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode [2011/03/13 19:59:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Staircase Analisys [2011/03/13 12:56:33 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Autodesk, Inc [2011/03/11 15:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Avatar [2011/03/11 15:06:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\CyberLink [2011/03/11 14:52:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam [2011/03/11 13:26:23 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\CyberLink [2011/03/10 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO [2011/03/10 09:59:43 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Files from Internet [2011/03/10 09:56:53 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\My Files [2011/03/10 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Lectures [2011/03/06 15:12:46 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Podatki [2011/03/05 19:47:41 | 000,000,000 | ---D | C] -- C:\windows\System32\Wat [2011/03/05 17:48:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Malwarebytes [2011/03/05 17:48:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2011/03/05 17:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/03/05 17:47:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011/03/03 23:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO [2011/03/03 23:49:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Adobe [2011/03/03 23:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2011/03/03 23:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2011/03/03 21:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edraw Max 5.2 [2011/03/03 20:24:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\3dsMax [2011/03/03 18:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V-Ray for SketchUp [2011/03/03 15:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\Adobe [2011/03/03 14:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ASGVIS [2011/03/03 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Inventor [2011/03/02 19:04:38 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\sdfgsdfg [2011/03/01 21:18:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\FLVService [2011/03/01 21:18:04 | 000,000,000 | ---D | C] -- C:\windows\Freecorder [2011/02/27 10:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011/02/19 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\The KMPlayer [2011/02/19 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011/02/14 12:09:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\dsekjhsf [2011/02/10 13:33:04 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\1. Literature [2011/01/30 11:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG [2011/01/30 11:33:49 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\HP [2011/01/30 11:33:48 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\HP [2011/01/30 11:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2011/01/30 11:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2011/01/30 11:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard [2011/01/30 11:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP [2011/01/30 11:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2011/01/30 11:27:24 | 000,000,000 | -H-D | C] -- C:\Config.Msi [2011/01/30 11:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\StarCraft II [2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment [2011/01/20 21:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 7 [2011/01/20 21:50:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Thinstall [2011/01/20 21:50:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Thinstall [2011/01/19 16:43:19 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\windows\System32\lameACM.acm [2011/01/19 16:43:19 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\windows\System32\yv12vfw.dll [2011/01/19 16:43:19 | 000,151,552 | ---- | C] (fccHandler) -- C:\windows\System32\ac3acm.acm [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011/03/16 18:27:48 | 006,553,600 | -HS- | M] () -- C:\Users\Rafał\NTUSER.DAT [2011/03/16 18:17:41 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/03/16 18:17:41 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/03/16 18:10:09 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2011/03/16 18:10:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/03/16 18:09:59 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys [2011/03/16 17:11:33 | 000,339,991 | ---- | M] () -- C:\Users\Rafał\Desktop\RSIT.exe [2011/03/16 17:05:25 | 000,148,656 | ---- | M] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT [2011/03/16 17:04:39 | 004,006,464 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2011/03/15 22:23:39 | 006,055,325 | -H-- | M] () -- C:\Users\Rafał\AppData\Local\IconCache.db [2011/03/15 22:02:40 | 504,630,736 | ---- | M] (Graphisoft R&D) -- C:\Users\Rafał\Desktop\AC13-INT32.exe [2011/03/15 21:58:44 | 478,024,432 | ---- | M] (Graphisoft R&D) -- C:\Users\Rafał\Desktop\AC14-INT32.exe [2011/03/15 21:30:45 | 000,000,783 | ---- | M] () -- C:\Users\Public\Desktop\ArchiCAD Essentials ITG.lnk [2011/03/15 21:29:11 | 000,003,870 | ---- | M] () -- C:\windows\vpd.properties [2011/03/15 20:09:23 | 000,000,128 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe [2011/03/15 10:54:02 | 000,000,545 | ---- | M] () -- C:\windows\win.ini [2011/03/13 20:03:22 | 000,166,584 | ---- | M] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf [2011/03/11 11:47:44 | 000,108,629 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg [2011/03/11 11:17:47 | 000,047,161 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf [2011/03/10 13:55:06 | 001,654,586 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2011/03/10 13:55:06 | 000,734,536 | ---- | M] () -- C:\windows\System32\perfh015.dat [2011/03/10 13:55:06 | 000,653,898 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/03/10 13:55:06 | 000,148,904 | ---- | M] () -- C:\windows\System32\perfc015.dat [2011/03/10 13:55:06 | 000,121,090 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/03/10 11:39:20 | 000,049,849 | ---- | M] () -- C:\Users\Rafał\Desktop\310.dwg [2011/03/09 20:45:15 | 003,733,661 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3 [2011/03/07 13:29:33 | 000,040,240 | ---- | M] () -- C:\Users\Rafał\Documents\3D 02.jpg [2011/03/07 13:25:39 | 000,041,323 | ---- | M] () -- C:\Users\Rafał\Documents\3D 01.jpg [2011/03/06 20:02:08 | 004,004,916 | ---- | M] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3 [2011/03/06 18:43:06 | 003,161,057 | ---- | M] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3 [2011/03/06 18:11:21 | 000,000,049 | ---- | M] () -- C:\windows\NeroDigital.ini [2011/03/05 19:50:19 | 000,001,030 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2011/03/05 19:31:00 | 000,001,058 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job [2011/03/05 19:19:00 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2011/03/05 16:31:00 | 000,001,006 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job [2011/03/03 20:01:30 | 006,485,848 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3 [2011/03/03 14:42:41 | 000,017,588 | ---- | M] () -- C:\windows\System32\drivers\etc\services [2011/03/01 19:11:26 | 002,960,430 | ---- | M] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3 [2011/02/25 09:19:23 | 000,467,882 | ---- | M] () -- C:\Users\Rafał\Desktop\0 - 20.mp3 [2011/02/25 09:19:19 | 000,531,601 | ---- | M] () -- C:\Users\Rafał\Desktop\100 -1876.mp3 [2011/02/20 13:49:37 | 012,202,592 | ---- | M] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3 [2011/02/15 09:33:03 | 000,047,104 | ---- | M] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/02/14 12:13:03 | 000,040,602 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg [2011/02/11 18:23:48 | 000,381,554 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Moed_Soerens.mp3 [2011/02/11 18:23:46 | 000,493,149 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion1 Moed Maria 2.mp3 [2011/02/11 18:23:45 | 000,439,232 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Maria_og_Soeren.mp3 [2011/02/10 13:47:18 | 000,013,654 | ---- | M] () -- C:\Users\Rafał\Desktop\Semester_Schedule_4INT_SPRING 2011.pdf [2011/02/04 16:24:01 | 003,889,142 | ---- | M] () -- C:\Users\Rafał\Desktop\Rihanna - S&M.mp3 [2011/02/04 15:30:06 | 003,530,115 | ---- | M] () -- C:\Users\Rafał\Desktop\Tiësto vs. Diplo feat. Busta Rhymes - C'mon (Catch 'Em By Surprise).mp3 [2011/02/02 21:54:05 | 000,023,713 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-02.jpg [2011/01/30 13:18:38 | 000,023,203 | ---- | M] () -- C:\windows\hpqins15.dat [2011/01/30 11:33:44 | 000,211,070 | ---- | M] () -- C:\windows\hpoins18.dat [2011/01/30 11:29:41 | 000,002,069 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011/01/20 21:41:32 | 000,003,120 | ---- | M] () -- C:\windows\System32\ALLFSAF8a.ocx [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/03/16 17:11:32 | 000,339,991 | ---- | C] () -- C:\Users\Rafał\Desktop\RSIT.exe [2011/03/15 21:30:45 | 000,000,783 | ---- | C] () -- C:\Users\Public\Desktop\ArchiCAD Essentials ITG.lnk [2011/03/15 21:29:11 | 000,003,870 | ---- | C] () -- C:\windows\vpd.properties [2011/03/15 20:13:35 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [2011/03/15 20:13:35 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk [2011/03/13 20:03:20 | 000,166,584 | ---- | C] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf [2011/03/11 11:34:37 | 000,108,629 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg [2011/03/11 11:17:47 | 000,047,161 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf [2011/03/10 11:39:20 | 000,049,849 | ---- | C] () -- C:\Users\Rafał\Desktop\310.dwg [2011/03/09 20:42:03 | 003,733,661 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3 [2011/03/07 13:29:33 | 000,040,240 | ---- | C] () -- C:\Users\Rafał\Documents\3D 02.jpg [2011/03/07 13:25:39 | 000,041,323 | ---- | C] () -- C:\Users\Rafał\Documents\3D 01.jpg [2011/03/06 19:58:48 | 004,004,916 | ---- | C] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3 [2011/03/06 18:40:24 | 003,161,057 | ---- | C] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3 [2011/03/03 23:45:29 | 000,000,986 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk [2011/03/03 23:44:35 | 000,000,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk [2011/03/03 23:43:32 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk [2011/03/03 23:42:51 | 000,002,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk [2011/03/03 23:42:08 | 000,000,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk [2011/03/03 23:41:04 | 000,000,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk [2011/03/03 23:40:46 | 000,001,365 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk [2011/03/03 23:24:42 | 000,000,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk [2011/03/03 23:23:48 | 000,000,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk [2011/03/03 23:23:26 | 000,000,989 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk [2011/03/03 23:21:58 | 000,001,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk [2011/03/03 23:21:45 | 000,001,477 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2011/03/03 23:21:00 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011/03/03 20:01:12 | 006,485,848 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3 [2011/03/01 19:11:11 | 002,960,430 | ---- | C] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3 [2011/03/01 11:45:52 | 012,202,592 | ---- | C] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3 [2011/02/25 09:19:23 | 000,467,882 | ---- | C] () -- C:\Users\Rafał\Desktop\0 - 20.mp3 [2011/02/25 09:19:18 | 000,531,601 | ---- | C] () -- C:\Users\Rafał\Desktop\100 -1876.mp3 [2011/02/19 16:26:44 | 000,001,058 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job [2011/02/19 16:26:43 | 000,001,006 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job [2011/02/14 12:13:03 | 000,040,602 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg [2011/02/11 18:23:44 | 000,493,149 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion1 Moed Maria 2.mp3 [2011/02/11 18:23:43 | 000,439,232 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Maria_og_Soeren.mp3 [2011/02/11 18:23:30 | 000,381,554 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Moed_Soerens.mp3 [2011/02/10 13:47:18 | 000,013,654 | ---- | C] () -- C:\Users\Rafał\Desktop\Semester_Schedule_4INT_SPRING 2011.pdf [2011/02/04 16:20:41 | 003,889,142 | ---- | C] () -- C:\Users\Rafał\Desktop\Rihanna - S&M.mp3 [2011/02/04 15:27:09 | 003,530,115 | ---- | C] () -- C:\Users\Rafał\Desktop\Tiësto vs. Diplo feat. Busta Rhymes - C'mon (Catch 'Em By Surprise).mp3 [2011/02/02 21:54:05 | 000,023,713 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-02.jpg [2011/01/30 13:14:56 | 000,023,203 | ---- | C] () -- C:\windows\hpqins15.dat [2011/01/30 11:31:06 | 000,001,018 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja programu I.R.I.S. OCR.lnk [2011/01/30 11:29:41 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011/01/30 11:26:48 | 000,211,070 | ---- | C] () -- C:\windows\hpoins18.dat [2011/01/30 11:26:48 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat [2011/01/20 21:41:32 | 000,003,120 | ---- | C] () -- C:\windows\System32\ALLFSAF8a.ocx [2011/01/19 16:43:20 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini [2011/01/19 16:43:19 | 000,000,414 | ---- | C] () -- C:\windows\System32\lame_acm.xml [2011/01/19 16:43:18 | 000,183,808 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2011/01/19 16:43:18 | 000,080,896 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2011/01/19 16:43:18 | 000,000,590 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest [2011/01/12 19:24:23 | 000,000,152 | ---- | C] () -- C:\windows\Aslan.INI [2010/12/19 19:10:52 | 000,000,049 | ---- | C] () -- C:\windows\NeroDigital.ini [2010/12/19 11:25:44 | 000,000,048 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat [2010/12/05 14:10:28 | 000,000,001 | ---- | C] () -- C:\windows\System32\SI.bin [2010/09/04 17:47:43 | 000,087,552 | ---- | C] () -- C:\windows\System32\cpwmon2k.dll [2010/07/31 21:40:41 | 000,066,872 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe [2010/07/31 21:40:40 | 000,138,184 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys [2010/07/31 21:40:36 | 000,183,112 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe [2010/03/01 17:50:08 | 000,000,145 | ---- | C] () -- C:\windows\splendor.ini [2010/03/01 17:46:03 | 000,284,160 | ---- | C] () -- C:\windows\unin0415.exe [2009/12/23 13:51:46 | 002,392,064 | ---- | C] () -- C:\windows\System32\videotrans.dll [2009/12/23 13:51:46 | 000,215,040 | ---- | C] () -- C:\windows\System32\videoformat.dll [2009/12/23 13:51:46 | 000,017,920 | ---- | C] () -- C:\windows\System32\videocore.dll [2009/12/23 13:51:45 | 000,061,440 | ---- | C] () -- C:\windows\System32\imgscaler.dll [2009/12/23 13:51:45 | 000,022,016 | ---- | C] () -- C:\windows\System32\img_utils.dll [2009/12/23 13:51:43 | 000,128,512 | ---- | C] () -- C:\windows\System32\xvid.dll [2009/12/21 18:03:39 | 000,210,032 | ---- | C] () -- C:\windows\System32\DBCLIENT.DLL [2009/11/03 19:08:37 | 000,047,104 | ---- | C] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/10/31 14:55:27 | 000,138,056 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\PnkBstrK.sys [2009/10/31 14:55:10 | 002,250,024 | ---- | C] () -- C:\windows\System32\pbsvc.exe [2009/10/31 12:05:27 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll [2009/10/30 13:54:16 | 006,055,325 | -H-- | C] () -- C:\Users\Rafał\AppData\Local\IconCache.db [2009/10/30 13:50:28 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini [2009/10/30 13:43:20 | 000,148,656 | ---- | C] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT [2009/10/30 13:37:20 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2009/09/28 19:14:04 | 000,734,536 | ---- | C] () -- C:\windows\System32\perfh015.dat [2009/09/28 19:14:04 | 000,337,158 | ---- | C] () -- C:\windows\System32\perfi015.dat [2009/09/28 19:14:04 | 000,148,904 | ---- | C] () -- C:\windows\System32\perfc015.dat [2009/09/28 19:14:04 | 000,038,710 | ---- | C] () -- C:\windows\System32\perfd015.dat [2009/09/28 19:00:26 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe [2009/09/28 19:00:26 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe [2009/09/28 18:28:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2009/09/28 09:22:00 | 000,315,392 | ---- | C] () -- C:\windows\System32\drivers\yk62x86.sys [2009/09/28 03:11:13 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe [2009/09/28 02:42:20 | 000,311,296 | ---- | C] () -- C:\windows\System32\Rezip.exe [2009/07/26 21:06:02 | 001,654,586 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI [2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009/07/14 05:33:53 | 004,006,464 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT [2009/07/14 03:05:48 | 000,653,898 | ---- | C] () -- C:\windows\System32\perfh009.dat [2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat [2009/07/14 03:05:48 | 000,121,090 | ---- | C] () -- C:\windows\System32\perfc009.dat [2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat [2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT [2009/07/14 03:04:57 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini [2009/07/14 03:04:23 | 000,000,545 | ---- | C] () -- C:\windows\win.ini [2009/07/14 03:04:23 | 000,000,219 | ---- | C] () -- C:\windows\system.ini [2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat [2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin [2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin [2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin [2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin [2009/07/13 22:41:56 | 000,053,552 | ---- | C] () -- C:\windows\System32\dosx.exe [2009/07/13 22:41:05 | 000,000,718 | ---- | C] () -- C:\windows\System32\mscdexnt.exe [2009/07/13 22:41:04 | 000,002,842 | ---- | C] () -- C:\windows\System32\redir.exe [2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\share.exe [2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\fastopen.exe [2009/07/13 22:41:01 | 000,019,694 | ---- | C] () -- C:\windows\System32\GRAPHICS.COM [2009/07/13 22:40:59 | 000,014,710 | ---- | C] () -- C:\windows\System32\KB16.COM [2009/07/13 22:40:57 | 000,007,052 | ---- | C] () -- C:\windows\System32\nlsfunc.exe [2009/07/13 22:40:57 | 000,001,131 | ---- | C] () -- C:\windows\System32\LOADFIX.COM [2009/07/13 22:40:56 | 000,039,274 | ---- | C] () -- C:\windows\System32\mem.exe [2009/07/13 22:40:54 | 000,011,753 | ---- | C] () -- C:\windows\System32\setver.exe [2009/07/13 22:40:52 | 000,020,634 | ---- | C] () -- C:\windows\System32\debug.exe [2009/07/13 22:40:51 | 000,008,424 | ---- | C] () -- C:\windows\System32\exe2bin.exe [2009/07/13 22:40:50 | 000,012,642 | ---- | C] () -- C:\windows\System32\edlin.exe [2009/07/13 22:40:49 | 000,012,498 | ---- | C] () -- C:\windows\System32\append.exe [2009/07/13 22:40:48 | 000,050,648 | ---- | C] () -- C:\windows\System32\COMMAND.COM [2009/07/13 22:40:44 | 000,027,097 | ---- | C] () -- C:\windows\System32\country.sys [2009/07/13 22:40:43 | 000,042,809 | ---- | C] () -- C:\windows\System32\KEY01.SYS [2009/07/13 22:40:43 | 000,042,537 | ---- | C] () -- C:\windows\System32\KEYBOARD.SYS [2009/07/13 22:40:41 | 000,009,029 | ---- | C] () -- C:\windows\System32\ANSI.SYS [2009/07/13 22:40:40 | 000,004,768 | ---- | C] () -- C:\windows\System32\HIMEM.SYS [2009/07/13 22:40:39 | 000,029,274 | ---- | C] () -- C:\windows\System32\NTDOS412.SYS [2009/07/13 22:40:35 | 000,029,370 | ---- | C] () -- C:\windows\System32\NTDOS411.SYS [2009/07/13 22:40:31 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS404.SYS [2009/07/13 22:40:27 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS804.SYS [2009/07/13 22:40:23 | 000,027,866 | ---- | C] () -- C:\windows\System32\NTDOS.SYS [2009/07/13 22:40:19 | 000,035,536 | ---- | C] () -- C:\windows\System32\NTIO412.SYS [2009/07/13 22:40:17 | 000,035,776 | ---- | C] () -- C:\windows\System32\NTIO411.SYS [2009/07/13 22:40:15 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO404.SYS [2009/07/13 22:40:13 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO804.SYS [2009/07/13 22:40:11 | 000,033,952 | ---- | C] () -- C:\windows\System32\NTIO.SYS [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\System32\msjetoledb40.dll [2009/07/13 21:29:46 | 000,013,312 | ---- | C] () -- C:\windows\System32\win87em.dll [2009/06/18 19:29:04 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat [2009/06/10 22:42:32 | 000,069,886 | ---- | C] () -- C:\windows\System32\edit.com [2009/06/10 22:39:59 | 000,060,124 | ---- | C] () -- C:\windows\System32\tcpmon.ini [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat [2009/04/22 00:19:06 | 000,172,173 | ---- | C] () -- C:\windows\System32\xlive.dll.cat [color=#E56717]========== LOP Check ==========[/color] [2010/06/28 09:55:22 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\AnvSoft [2010/07/10 17:19:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Ashampoo [2011/03/03 20:24:07 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Autodesk [2010/12/18 21:35:13 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\BatteryCare [2009/12/06 14:51:50 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DAEMON Tools Lite [2011/03/16 18:14:08 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Dropbox [2010/12/05 19:28:57 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Efficient Sticky Notes [2011/01/14 11:13:19 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\EuroTalk [2010/01/01 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu [2010/01/01 13:33:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu 10 [2010/07/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gmail Notifier Plus [2010/01/09 15:58:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\ipla [2009/10/31 12:42:42 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Leadertech [2009/11/02 11:51:06 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu [2009/11/02 12:42:14 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\OpenFM [2010/06/24 11:48:32 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\PC Suite [2010/06/30 21:17:58 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\r2 Studios [2009/10/31 14:47:31 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Red Alert 3 [2010/11/29 13:34:37 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Stardock [2011/01/20 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thinstall [2010/02/27 14:44:05 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thunderbird [2011/03/15 22:07:33 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\uTorrent [2010/11/22 10:53:45 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Xerox [2011/03/16 18:10:09 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2011/03/16 18:09:59 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys [2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011/03/16 18:10:04 | 3215,577,088 | -HS- | M] () -- C:\pagefile.sys [2009/09/28 02:37:48 | 000,002,003 | ---- | M] () -- C:\RHDSetup.log [2009/09/28 03:09:41 | 000,000,166 | ---- | M] () -- C:\Setup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 3/16/2011 6:21:58 PM - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 45.28 Gb Total Space | 8.58 Gb Free Space | 18.95% Space Free | Partition Type: NTFS Drive D: | 237.71 Gb Total Space | 25.61 Gb Free Space | 10.77% Space Free | Partition Type: NTFS Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- Reg Error: Value error. https [open] -- Reg Error: Value error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- D:\Program Files\Adobe\Photoshop\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002DD827-7FAC-A09F-7382-BCF61E6744C8}" = CCC Help Portuguese "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater "{0C255F02-22AF-F50B-E945-B8D763E1A077}" = CCC Help Greek "{0C5F09B4-5C7A-6F41-89F4-65B419A639B9}" = CCC Help Chinese Standard "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4 "{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager "{180641E1-F6C2-6053-1022-78B9C49D173D}" = CCC Help Finnish "{18A2FD82-910A-0208-3AE1-169E92F2AFA4}" = CCC Help Dutch "{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client "{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{2822F016-69E9-A368-B612-685CCF4A9B83}" = CCC Help English "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{2A07F8DD-96E5-8A5D-3C6A-D60F38D1F34B}" = CCC Help Turkish "{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{2D397BD2-ED49-F9B9-4F65-D60D00AD6C5F}" = CCC Help Norwegian "{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{30C4566A-85AC-1713-71B2-3BE50C7146F8}" = CCC Help Thai "{3380D2BE-EAE4-034C-1096-3CA28F82A2F9}" = CCC Help French "{3920C82C-C03F-0D90-8009-CBFD8CF0214B}" = ccc-utility "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1 "{3EB37B26-432C-467C-9FBC-9BDA0E6FBDD7}" = Catalyst Control Center InstallProxy "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{4037A2B9-A976-4538-8B08-A0D95B637F35}" = C5100 "{4067974F-F2E5-5893-E7A3-10C345089305}" = CCC Help Polish "{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup "{4177BBB8-D654-4364-A898-BA00A68D7897}" = CCC Help Swedish "{41CD70E9-E193-8358-A837-A3A900565840}" = CCC Help Russian "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{44B4C2E3-D570-16B4-8CED-3D83AAF5D6F7}" = Catalyst Control Center Localization All "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4 "{473937BF-F1ED-764D-01A8-12A672DED3E0}" = CCC Help Spanish "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4ac40384-37ba-421c-b14c-2ecbe4403817}" = Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007 "{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23}" = Autodesk Revit Architecture 2011 "{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 "{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center "{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{4ECC1D06-672F-2935-E570-CA2D210AE0CE}" = Catalyst Control Center InstallProxy "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{5783F2D7-9001-0409-0002-0060B0CE6BBA}" = AutoCAD 2011 - English "{5783F2D7-9001-0409-1002-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - English "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{6053FE9B-5473-41D6-AEBF-AD6F98138191}" = Windows Live Movie Maker "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{6406E3EA-9777-45B7-A0C0-89741E629352}" = Composite 2011 "{67574624-BF0F-0409-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-bit "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Twierdza Krzyżowiec "{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011 "{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer "{8D7CCD59-BEBB-57D4-23EC-B9A9DB173EAA}" = Catalyst Control Center Graphics Previews Vista "{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime "{8EE4C584-C82E-9BE3-41C1-BC2A53774DE6}" = CCC Help Korean "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{94A4609B-0414-4427-81F3-0FD282A2D0D3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs "{90120000-00B1-0409-0000-0000000FF1CE}" = Microsoft Save as XPS Add-in for 2007 Microsoft Office programs "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{940C416E-1BE6-58C0-949E-1A588349B0C7}" = CCC Help Hungarian "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58 "{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library "{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live "{99F80251-DAE8-0409-BD08-DCBBEF56B8CB}" = Autodesk 3ds Max 2011 32-bit Components "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AB614A6-719C-4A6E-A63E-831E0A35F62A}" = Windows Live Writer "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}" = Galeria fotografii usługi Windows Live "{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011 "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{A1802E07-1CC7-4CD1-AFBF-E2CC94B99046}" = Crypt4Free "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2F34AF5-E329-444C-BD1B-137637AB23AD}" = BatteryCare "{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Składniki łączności pakietu Microsoft Office Small Business "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4 "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4 "{B15A87DC-46AC-D726-E2F5-06A3D5F35C06}" = ATI Catalyst Install Manager "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 "{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager "{B7D833B7-915D-C859-D7A6-3639423E878C}" = CCC Help Danish "{B9F76257-02B5-EB70-2A72-6D56C9359985}" = CCC Help Italian "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BB778F28-FD55-C8FD-8E0B-482814C05D6B}" = CCC Help Chinese Traditional "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter "{BF076135-7D69-3255-D72B-487E67146727}" = CCC Help Japanese "{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{CA9483A2-742A-4A72-881D-B81C6B1ACB3E}" = Google SketchUp Pro 7 "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CB829D09-6426-F17D-C95D-303A6613A190}" = ccc-core-static "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library "{D1399216-81B2-457C-A0F7-73B9A2EF6902}" = PDFill PDF Editor with FREE Writer and FREE Tools "{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program "{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4 "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5A5844F-80CB-665D-0AF9-9D712F4E6238}" = CCC Help German "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software "{F88335A8-CA7B-41DE-B37D-81306C73B507}" = Bezpieczeństwo rodzinne usługi Windows Live "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{F958FF6B-B2B8-03F6-B56D-7D5E04768AA8}" = CCC Help Czech "{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "048FFFFFFF13FF00FF0701F00F02F000-R1" = ArchiCAD Essentials Interactive Training Guide "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "5e6c9151" = Contextual Tool Yourprofitclub "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe SVG Viewer" = Adobe SVG Viewer 3.0 "Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4 "Akamai" = Akamai NetSession Interface "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1 "Audacity_is1" = Audacity 1.2.6 "AutoCAD 2011 - English" = AutoCAD 2011 - English "Autodesk Design Review 2011" = Autodesk Design Review 2011 "Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 "Autodesk Revit Architecture 2011" = Autodesk Revit Architecture 2011 "Autodesk Revit Architecture 2011 SP2" = Autodesk Revit Architecture 2011 x86 Update 2 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4 "AVS4YOU Video Converter 6_is1" = AVS Video Converter 6 "Be06v4" = Be06v4 "Business Contact Manager" = Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "CutePDF Writer Installation" = CutePDF Writer 2.8 "Edraw Max_is1" = Edraw Max 5.2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "FastStone Capture" = FastStone Capture 5.3 "Fences" = Fences "Gadu-Gadu 10" = Gadu-Gadu 10 "HDD Health_is1" = HDD Health v3.3 Beta "Heroes of Might and Magic® III" = Heroes of Might and Magic® III "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full) "Magic ISO Maker v5.5 (build 0265)" = Magic ISO Maker v5.5 (build 0265) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15) "Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1) "NapiProjekt_is1" = NapiProjekt 1.0.6.5 "Picasa 3" = Picasa 3 "Polskie Normy i prawo budowlane_is1" = Polskie Normy i prawo budowlane "RealAlt_is1" = Real Alternative 2.0.1 "Shop for HP Supplies" = Shop for HP Supplies "sp6" = Logitech SetPoint 6.20 "ST6UNST #1" = EngiLab Beam.2D ML v1.20 "StarCraft II" = StarCraft II "SynTPDeinstKey" = Synaptics Pointing Device Driver "uTorrent" = µTorrent "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "Virtual DJ 5.2 (Crack v2)" = Virtual DJ 5.2 (Crack v2) "V-Ray for SketchUp 1.48.89" = V-Ray for SketchUp "WheelMouse" = 2X-Office 7.80 "Winamp" = Winamp "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "WinRAR archiver" = Archiwizator WinRAR "Wise Disk Cleaner_is1" = Wise Disk Cleaner 4.84 "Wise Registry Cleaner_is1" = Wise Registry Cleaner 4 Free 4.92 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BankBrowser" = BankBrowser "Dropbox" = Dropbox "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 3/5/2011 3:06:35 PM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/6/2011 5:31:15 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/7/2011 3:28:33 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/7/2011 7:56:59 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/7/2011 9:20:06 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/7/2011 4:44:01 PM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/8/2011 3:06:57 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/8/2011 3:36:23 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/9/2011 11:28:03 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/10/2011 3:27:16 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = [ OSession Events ] Error - 10/8/2010 3:41:09 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 33 seconds with 0 seconds of active time. This session ended with a crash. Error - 10/8/2010 8:35:05 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 114 seconds with 60 seconds of active time. This session ended with a crash. Error - 10/8/2010 8:35:43 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash. Error - 1/9/2011 9:01:24 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 3/16/2011 12:04:23 PM | Computer Name = Notebook | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 3/16/2011 12:04:23 PM | Computer Name = Notebook | Source = atikmdag | ID = 43029 Description = Display is not active Error - 3/16/2011 12:04:54 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7001 Description = Usługa SBSD Security Center Service zależy od usługi Centrum zabezpieczeń, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 3/16/2011 12:05:52 PM | Computer Name = Notebook | Source = DCOM | ID = 10005 Description = Error - 3/16/2011 12:05:52 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Windows Search. Error - 3/16/2011 12:05:52 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Windows Search z powodu następującego błędu: %%1053 Error - 3/16/2011 1:09:12 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7034 Description = Usługa AMD External Events Utility niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 3/16/2011 1:10:07 PM | Computer Name = Notebook | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 3/16/2011 1:10:07 PM | Computer Name = Notebook | Source = atikmdag | ID = 43029 Description = Display is not active Error - 3/16/2011 1:10:13 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7001 Description = Usługa SBSD Security Center Service zależy od usługi Centrum zabezpieczeń, której nie można uruchomić z powodu następującego błędu: %%1058 < End of report > [/log] nowe RSIT [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Rafał at 2011-03-16 18:24:04 Microsoft Windows 7 Home Premium System drive C: has 9 GB (19%) free of 46 GB Total RAM: 3067 MB (55% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:24:11, on 2011-03-16 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\windows\Explorer.EXE C:\windows\system32\Dwm.exe C:\windows\System32\rundll32.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\A4Tech\Mouse\Amoumain.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe C:\Program Files\Skype\Phone\Skype.exe D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe D:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Rafał\Desktop\OTL.exe C:\Users\Rafał\Desktop\RSIT.exe C:\Program Files\trend micro\Rafał.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ˙ţ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [YouCam Mirage] "d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe" O4 - HKLM\..\Run: [YouCam Tray] "d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe" /s O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Startup: Dropbox.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe O15 - Trusted Zone: http://print.viauc.dk O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit (mi-raysat_3dsmax2011_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 10997 bytes ======Scheduled tasks folder====== C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-02 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-19 7711264] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-15 1541416] "StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2009-03-08 73728] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2008-03-06 241664] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768] "EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272] "hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648] "SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "YouCam Mirage"=d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe [2010-08-20 136488] "YouCam Tray"=d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe [2011-01-19 162912] "Adobe Acrobat Speed Launcher"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760] "Acrobat Assistant 8.0"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144] "QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088] "Google Update"=C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 136176] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .scr - open - C:\windows\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2011-03-16 18:09:11 ----D---- C:\_OTL 2011-03-16 17:11:42 ----D---- C:\rsit 2011-03-16 17:11:42 ----D---- C:\Program Files\trend micro 2011-03-15 10:51:46 ----D---- C:\windows\XSxS 2011-03-15 10:51:46 ----D---- C:\Program Files\Xenocode 2011-03-05 19:47:41 ----D---- C:\windows\system32\Wat 2011-03-05 19:42:27 ----A---- C:\windows\system32\drivers\sffp_sd.sys 2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\usbvideo.sys 2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\ks.sys 2011-03-05 19:42:21 ----A---- C:\windows\system32\wcncsvc.dll 2011-03-05 19:42:14 ----A---- C:\windows\system32\mshtml.dll 2011-03-05 19:42:10 ----A---- C:\windows\system32\iertutil.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\mstime.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeedsbs.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeeds.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\licmgr10.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\iedkcs32.dll 2011-03-05 19:42:08 ----A---- C:\windows\system32\mshtmled.dll 2011-03-05 19:42:08 ----A---- C:\windows\system32\msfeedssync.exe 2011-03-05 19:42:08 ----A---- C:\windows\system32\iepeers.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\mf.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\FntCache.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\DWrite.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\d3d10warp.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\d2d1.dll 2011-03-05 19:41:45 ----A---- C:\windows\system32\WMVDECOD.DLL 2011-03-05 19:41:45 ----A---- C:\windows\system32\mfreadwrite.dll 2011-03-05 19:41:45 ----A---- C:\windows\system32\ExplorerFrame.dll 2011-03-05 19:41:45 ----A---- C:\windows\system32\d3d10_1core.dll 2011-03-05 19:41:44 ----A---- C:\windows\system32\XpsRasterService.dll 2011-03-05 19:41:43 ----A---- C:\windows\system32\upnp.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\wininet.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\urlmon.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\msxml6.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\ieframe.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\wscsvc.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\wscapi.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\winhttp.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\WebClnt.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\slwga.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\msxml3.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\jsproxy.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\ieui.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\davclnt.dll 2011-03-05 19:41:37 ----A---- C:\windows\system32\tzres.dll 2011-03-05 19:41:33 ----A---- C:\windows\system32\ntoskrnl.exe 2011-03-05 19:41:33 ----A---- C:\windows\system32\ntkrnlpa.exe 2011-03-05 19:41:33 ----A---- C:\windows\system32\ntdll.dll 2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc_isv.dll 2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc.dll 2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp_isv.dll 2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp.dll 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp.exe 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_isv.exe 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate.exe 2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsPrint.dll 2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsGdiConverter.dll 2011-03-05 19:41:29 ----A---- C:\windows\system32\odbc32.dll 2011-03-05 19:41:29 ----A---- C:\windows\system32\kerberos.dll 2011-03-05 19:41:28 ----A---- C:\windows\system32\consent.exe 2011-03-05 19:41:27 ----A---- C:\windows\system32\wmicmiplugin.dll 2011-03-05 19:41:27 ----A---- C:\windows\system32\taskschd.dll 2011-03-05 19:41:27 ----A---- C:\windows\system32\taskeng.exe 2011-03-05 19:41:27 ----A---- C:\windows\system32\taskcomp.dll 2011-03-05 19:41:27 ----A---- C:\windows\system32\schtasks.exe 2011-03-05 19:41:27 ----A---- C:\windows\system32\schedsvc.dll 2011-03-05 19:41:26 ----A---- C:\windows\system32\oleaut32.dll 2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\fvevol.sys 2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\Diskdump.sys 2011-03-05 19:41:25 ----A---- C:\windows\system32\win32k.sys 2011-03-05 19:41:24 ----A---- C:\windows\system32\webio.dll 2011-03-05 19:41:24 ----A---- C:\windows\system32\atmlib.dll 2011-03-05 19:41:24 ----A---- C:\windows\system32\atmfd.dll 2011-03-05 19:41:22 ----A---- C:\windows\system32\CPFilters.dll 2011-03-05 19:41:21 ----A---- C:\windows\system32\psisdecd.dll 2011-03-05 19:41:21 ----A---- C:\windows\system32\msdri.dll 2011-03-05 19:41:19 ----A---- C:\windows\system32\vbscript.dll 2011-03-05 19:41:19 ----A---- C:\windows\system32\jscript.dll 2011-03-05 19:40:49 ----A---- C:\windows\system32\d3d10_1.dll 2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgmms1.sys 2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgkrnl.sys 2011-03-05 19:39:28 ----A---- C:\windows\system32\cdd.dll 2011-03-05 17:48:07 ----D---- C:\Users\Rafał\AppData\Roaming\Malwarebytes 2011-03-05 17:48:02 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys 2011-03-05 17:48:00 ----D---- C:\ProgramData\Malwarebytes 2011-03-05 17:47:57 ----A---- C:\windows\system32\drivers\mbam.sys 2011-03-03 23:25:44 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2011-03-03 23:22:22 ----D---- C:\Program Files\Adobe Media Player 2011-03-03 23:20:58 ----D---- C:\Program Files\Common Files\Adobe AIR 2011-03-03 15:45:20 ----D---- C:\windows\system32\Adobe 2011-03-03 14:48:13 ----D---- C:\ProgramData\ASGVIS 2011-03-01 21:18:04 ----D---- C:\windows\Freecorder 2011-02-27 10:38:58 ----D---- C:\Program Files\Common Files\Skype ======List of files/folders modified in the last 1 months====== 2011-03-16 18:14:25 ----D---- C:\Users\Rafał\AppData\Roaming\Skype 2011-03-16 18:14:08 ----D---- C:\Users\Rafał\AppData\Roaming\Dropbox 2011-03-16 18:12:29 ----D---- C:\windows\Temp 2011-03-16 18:10:17 ----D---- C:\Program Files\Common Files\Akamai 2011-03-16 18:09:14 ----D---- C:\windows\Tasks 2011-03-16 18:09:14 ----D---- C:\windows\System32 2011-03-16 17:11:42 ----RD---- C:\Program Files 2011-03-16 17:06:17 ----D---- C:\Users\Rafał\AppData\Roaming\skypePM 2011-03-16 17:04:10 ----HD---- C:\Config.Msi 2011-03-15 22:07:33 ----D---- C:\Users\Rafał\AppData\Roaming\uTorrent 2011-03-15 22:05:21 ----D---- C:\Windows 2011-03-15 21:30:31 ----SHD---- C:\windows\Installer 2011-03-15 21:30:24 ----D---- C:\Program Files\Internet Explorer 2011-03-15 21:30:02 ----D---- C:\Program Files\Common Files\Apple 2011-03-15 20:17:54 ----D---- C:\Program Files\Adobe 2011-03-15 20:14:23 ----D---- C:\Program Files\Common Files\Adobe 2011-03-15 20:14:11 ----D---- C:\windows\system32\DriverStore 2011-03-15 20:14:11 ----D---- C:\windows\inf 2011-03-15 20:11:41 ----RSD---- C:\windows\Fonts 2011-03-15 10:54:02 ----D---- C:\ProgramData\Microsoft Help 2011-03-15 10:54:02 ----A---- C:\windows\win.ini 2011-03-15 08:32:20 ----D---- C:\windows\system32\NDF 2011-03-12 23:12:23 ----D---- C:\windows\system32\drivers 2011-03-12 23:12:23 ----D---- C:\windows\ShellNew 2011-03-12 16:44:01 ----SHD---- C:\System Volume Information 2011-03-11 14:53:39 ----D---- C:\windows\system32\catroot 2011-03-11 14:53:36 ----HD---- C:\Program Files\InstallShield Installation Information 2011-03-11 14:53:08 ----AD---- C:\ProgramData\Temp 2011-03-11 14:35:54 ----D---- C:\ProgramData\CyberLink 2011-03-11 14:28:14 ----D---- C:\Program Files\Common Files 2011-03-11 14:12:03 ----D---- C:\Program Files\CyberLink 2011-03-11 13:26:22 ----D---- C:\Users\Rafał\AppData\Roaming\CyberLink 2011-03-10 13:55:06 ----A---- C:\windows\system32\PerfStringBackup.INI 2011-03-10 09:53:05 ----SD---- C:\Users\Rafał\AppData\Roaming\Microsoft 2011-03-07 22:10:32 ----D---- C:\windows\system32\wdi 2011-03-06 18:11:21 ----A---- C:\windows\NeroDigital.ini 2011-03-05 20:25:24 ----D---- C:\windows\Microsoft.NET 2011-03-05 20:24:34 ----RSD---- C:\windows\assembly 2011-03-05 19:53:24 ----D---- C:\windows\system32\config 2011-03-05 19:49:55 ----D---- C:\windows\winsxs 2011-03-05 19:47:44 ----D---- C:\windows\system32\pl-PL 2011-03-05 19:47:44 ----D---- C:\windows\ehome 2011-03-05 19:47:44 ----D---- C:\Program Files\Windows Mail 2011-03-05 19:47:43 ----D---- C:\windows\AppPatch 2011-03-05 19:47:42 ----D---- C:\windows\system32\migration 2011-03-05 19:42:27 ----D---- C:\windows\system32\catroot2 2011-03-05 18:12:07 ----D---- C:\windows\Prefetch 2011-03-05 17:48:00 ----HD---- C:\ProgramData 2011-03-05 17:42:25 ----D---- C:\windows\system32\drivers\etc 2011-03-05 17:37:15 ----D---- C:\windows\system32\Tasks 2011-03-03 23:49:18 ----D---- C:\Users\Rafał\AppData\Roaming\Adobe 2011-03-03 23:47:57 ----D---- C:\ProgramData\FLEXnet 2011-03-03 23:45:32 ----D---- C:\ProgramData\Adobe 2011-03-03 23:34:20 ----D---- C:\Users\Rafał\AppData\Roaming\WinRAR 2011-03-03 20:24:07 ----D---- C:\Users\Rafał\AppData\Roaming\Autodesk 2011-03-03 20:24:07 ----D---- C:\ProgramData\Autodesk 2011-03-03 14:44:09 ----D---- C:\Program Files\Autodesk 2011-03-03 14:09:16 ----D---- C:\windows\Downloaded Program Files ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R1 Amfilter;A4Tech Mouse Filter Driver; C:\windows\system32\DRIVERS\Amfilter.sys [2007-01-25 8704] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2010-12-22 135096] R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-09-16 214664] R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 10752] R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2010-12-04 61960] R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560] R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2010-08-20 27632] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-08-19 2752352] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328] R3 rtl819xp;Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-) Realtek RTL8190/RTL8192E 802.11n; C:\windows\system32\DRIVERS\rtl819xp.sys [2010-02-01 557088] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-15 212656] R3 VMC326;Vimicro Camera Service VMC326; C:\windows\System32\Drivers\VMC326.sys [2009-08-10 237696] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336] R4 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224] S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-21 1161760] S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\windows\system32\DRIVERS\Amusbprt.sys [2007-12-26 14336] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816] S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704] S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880] S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864] S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176] S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480] S3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2009-09-16 79816] S3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2009-09-16 35272] S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2009-09-16 34248] S3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2009-09-16 40552] S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176] S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776] S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192] S3 usbscan;Sterownik skanera USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-07-14 27648] S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192] S3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2009-05-23 29696] S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944] S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-28 14336] R2 Akamai;Akamai NetSession Interface; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-18 176128] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-12 267944] R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit; D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016] R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys [2010-11-01 532480] R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] R2 yksvc;Marvell Yukon Service; C:\windows\System32\svchost.exe [2009-07-14 20992] R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 20992] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-04 136176] S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-05 1322648] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-26 1045256] S3 fsssvc;Funkcja Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840] S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-05 1343400] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272] S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544] -----------------EOF----------------- [/log] czekam jeszcze na skan z malwarebytes. ta sprawa z klawiatura jest denerwujaca i nawet skrot SHIFT i CTRL do zmiany klawiatury nie dziala.. dzieki wielkie za szybka odpowiedz
Tomek01 komentarz 16 marca 2011 komentarz 16 marca 2011 Odinstaluj Adobe PDF Conversion Toolbar. Sprawdzam, czy znasz te foldery?: C:\Users\Rafał\Desktop\sdfgsdfg C:\Users\Rafał\dsekjhsf Wejdź w Start/Uruchom, wklejasz : [b]Notepad C:\windows\System32\drivers\etc\Hosts[/b] - enter. Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany. W OTL, w oknie Custom scan/fixes wklej: [code]:OTL O1 - Hosts: ㈱⸷⸰⸰‱捡楴慶整愮潤敢挮浯 O2 - BHO:r Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) :Files C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job :Commands [emptytemp][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania OTL oraz nowe logi: OTL i RSIT
raasky komentarz 16 marca 2011 Autor komentarz 16 marca 2011 (edytowane) malwarebytes nic nie wykazało. klawiatura magicznie zmieniła się na PL programisty nie mogę odinstalować Adobe converter toolbar (opcja niedostępna), tylko wyłączyłem z pozycji dodatki w mozilli, tak znam te foldery log z usuwania OTL: [log]All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE7CD045-E861-484f-8273-0445EE161910}\ not found. File move failed. C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found. File move failed. C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot. ========== FILES ========== C:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully. C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job moved successfully. C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: ADMINI~1~VIT User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Rafał ->Temp folder emptied: 85582 bytes ->Temporary Internet Files folder emptied: 865116 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 42821535 bytes ->Google Chrome cache emptied: 0 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 456 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 290433 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 42.00 mb OTL by OldTimer - Version 3.2.22.3 log created on 03162011_200116 Files\Folders moved on Reboot... File move failed. C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot. Registry entries deleted on Reboot... [/log] nowe OTL: [log]OTL logfile created on: 3/16/2011 8:28:03 PM - Run 3 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 45.28 Gb Total Space | 9.49 Gb Free Space | 20.95% Space Free | Partition Type: NTFS Drive D: | 237.71 Gb Total Space | 24.39 Gb Free Space | 10.26% Space Free | Partition Type: NTFS Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe PRC - [2011/03/13 21:44:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011/03/13 21:44:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011/01/26 17:05:34 | 015,026,056 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe PRC - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/11/09 21:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe PRC - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys PRC - [2010/10/29 00:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe PRC - [2010/10/25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2010/10/15 11:14:26 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe PRC - [2010/10/11 15:49:48 | 000,080,256 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe PRC - [2010/08/21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010/08/20 10:49:04 | 000,136,488 | ---- | M] (CyberLink) -- D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe PRC - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010/08/02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/07/04 11:09:52 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010/03/22 18:51:56 | 002,088,448 | ---- | M] (Baptiste Girod) -- C:\Users\Rafał\Desktop\Programy\Gmail Notifier Plus.exe PRC - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe PRC - [2010/02/26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009/09/20 12:36:12 | 000,270,336 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2009/09/20 12:07:24 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe PRC - [2009/09/20 12:07:24 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2009/08/19 04:15:48 | 007,711,264 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2009/08/18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/07/15 00:14:34 | 000,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2009/07/15 00:14:32 | 001,541,416 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2009/07/14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009/07/14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009/07/14 02:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009/07/14 02:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009/07/14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009/05/21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe PRC - [2009/04/22 16:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2009/04/22 16:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe PRC - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe PRC - [2009/01/26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008/03/06 09:12:58 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe PRC - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007/08/24 07:00:48 | 000,033,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2007/05/08 16:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2007/02/10 05:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe MOD - [2010/10/27 05:40:24 | 001,289,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010/07/27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010/06/29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010/04/07 08:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009/12/08 12:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009/12/08 12:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009/07/14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009/07/14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009/07/14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009/07/14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009/07/14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009/07/14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009/07/14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009/07/14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009/07/14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009/07/14 02:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009/07/14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009/07/14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009/07/14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009/07/14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009/07/14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009/07/14 02:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009/07/14 02:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009/07/14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009/07/14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011/03/05 19:42:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011/01/05 10:42:03 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai) SRV - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys -- (PrismXL) SRV - [2010/10/28 11:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2010/08/26 15:32:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/04/27 12:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/09/28 09:22:00 | 000,364,544 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc) SRV - [2009/09/23 16:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio) SRV - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip) SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008/06/05 22:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service) SRV - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/12/22 15:27:35 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010/12/04 15:20:30 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/08/24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2010/08/24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2010/08/20 10:49:06 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd) DRV - [2010/06/17 15:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/02/26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010/02/26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2010/02/01 12:30:32 | 000,557,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl819xp.sys -- (rtl819xp) Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-) DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/08/18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009/08/10 19:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326) DRV - [2009/07/21 23:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007/12/26 02:08:38 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2007/01/25 02:46:50 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 48 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66 FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=pl&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/30 13:15:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/03/15 20:13:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011/03/15 21:30:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011/03/15 21:30:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: d:\Program Files\Mozilla Thunderbird\components [2011/03/15 21:30:25 | 000,000,000 | ---D | M] [2011/01/02 08:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions [2010/02/27 14:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\personas@christopher.beard [2011/03/16 17:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions [2011/03/12 13:30:19 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011/02/19 16:16:22 | 000,000,000 | ---D | M] (Easy DragToGo) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{21cfaec0-dbb3-11dc-95ff-0800200c9a66} [2011/01/02 20:22:13 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2011/01/02 20:22:13 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/03/12 13:30:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/01/02 20:14:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/03/12 13:30:19 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2011/01/26 19:41:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011/02/19 16:16:22 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\collector@broceliand.fr [2011/01/02 20:22:13 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\smarterwiki@wikiatic.com [2011/01/02 20:22:12 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\youtube2mp3@mondayx.de O1 HOSTS File: ([2011/03/16 19:40:49 | 000,000,052 | RH-- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.) O4 - HKLM..\Run: [YouCam Mirage] d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - Startup: C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: viauc.dk ([print] http in Zaufane witryny) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.10.10.5 212.10.10.4 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - D:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell - "" = AutoRun O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011/03/16 19:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Graphisoft Shared [2011/03/16 18:09:11 | 000,000,000 | ---D | C] -- C:\_OTL [2011/03/16 17:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011/03/16 17:11:42 | 000,000,000 | ---D | C] -- C:\rsit [2011/03/15 21:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/03/15 21:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphisoft [2011/03/15 20:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 [2011/03/15 11:29:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe [2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\windows\XSxS [2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode [2011/03/13 19:59:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Staircase Analisys [2011/03/13 12:56:33 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Autodesk, Inc [2011/03/11 15:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Avatar [2011/03/11 15:06:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\CyberLink [2011/03/11 14:52:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam [2011/03/11 13:26:23 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\CyberLink [2011/03/10 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO [2011/03/10 09:59:43 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Files from Internet [2011/03/10 09:56:53 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\My Files [2011/03/10 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Lectures [2011/03/06 15:12:46 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Podatki [2011/03/05 19:47:41 | 000,000,000 | ---D | C] -- C:\windows\System32\Wat [2011/03/05 17:48:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Malwarebytes [2011/03/05 17:48:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2011/03/05 17:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/03/05 17:47:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011/03/03 23:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO [2011/03/03 23:49:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Adobe [2011/03/03 23:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2011/03/03 23:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2011/03/03 21:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edraw Max 5.2 [2011/03/03 20:24:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\3dsMax [2011/03/03 18:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V-Ray for SketchUp [2011/03/03 15:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\Adobe [2011/03/03 14:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ASGVIS [2011/03/03 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Inventor [2011/03/02 19:04:38 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\sdfgsdfg [2011/03/01 21:18:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\FLVService [2011/03/01 21:18:04 | 000,000,000 | ---D | C] -- C:\windows\Freecorder [2011/02/27 10:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011/02/19 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\The KMPlayer [2011/02/19 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011/02/10 13:33:04 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\1. Literature [2011/01/30 11:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG [2011/01/30 11:33:49 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\HP [2011/01/30 11:33:48 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\HP [2011/01/30 11:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2011/01/30 11:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2011/01/30 11:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard [2011/01/30 11:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP [2011/01/30 11:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2011/01/30 11:27:24 | 000,000,000 | -H-D | C] -- C:\Config.Msi [2011/01/30 11:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\StarCraft II [2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment [2011/01/20 21:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 7 [2011/01/20 21:50:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Thinstall [2011/01/20 21:50:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Thinstall [2011/01/19 16:43:19 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\windows\System32\lameACM.acm [2011/01/19 16:43:19 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\windows\System32\yv12vfw.dll [2011/01/19 16:43:19 | 000,151,552 | ---- | C] (fccHandler) -- C:\windows\System32\ac3acm.acm [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011/03/16 20:30:42 | 006,553,600 | -HS- | M] () -- C:\Users\Rafał\NTUSER.DAT [2011/03/16 20:17:13 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/03/16 20:17:13 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/03/16 20:08:56 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2011/03/16 20:08:39 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/03/16 20:08:34 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys [2011/03/16 19:40:49 | 000,000,052 | RH-- | M] () -- C:\windows\System32\drivers\etc\Hosts [2011/03/16 19:29:39 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\Start ArchiCAD 14.lnk [2011/03/16 19:27:47 | 000,020,082 | ---- | M] () -- C:\windows\vpd.properties [2011/03/16 19:20:25 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\ArchiCAD 13.lnk [2011/03/16 17:11:33 | 000,339,991 | ---- | M] () -- C:\Users\Rafał\Desktop\RSIT.exe [2011/03/16 17:05:25 | 000,148,656 | ---- | M] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT [2011/03/16 17:04:39 | 004,006,464 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2011/03/15 22:23:39 | 006,055,325 | -H-- | M] () -- C:\Users\Rafał\AppData\Local\IconCache.db [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe [2011/03/15 10:54:02 | 000,000,545 | ---- | M] () -- C:\windows\win.ini [2011/03/13 20:03:22 | 000,166,584 | ---- | M] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf [2011/03/11 11:47:44 | 000,108,629 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg [2011/03/11 11:17:47 | 000,047,161 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf [2011/03/10 13:55:06 | 001,654,586 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2011/03/10 13:55:06 | 000,734,536 | ---- | M] () -- C:\windows\System32\perfh015.dat [2011/03/10 13:55:06 | 000,653,898 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/03/10 13:55:06 | 000,148,904 | ---- | M] () -- C:\windows\System32\perfc015.dat [2011/03/10 13:55:06 | 000,121,090 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/03/10 11:39:20 | 000,049,849 | ---- | M] () -- C:\Users\Rafał\Desktop\310.dwg [2011/03/09 20:45:15 | 003,733,661 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3 [2011/03/07 13:29:33 | 000,040,240 | ---- | M] () -- C:\Users\Rafał\Documents\3D 02.jpg [2011/03/07 13:25:39 | 000,041,323 | ---- | M] () -- C:\Users\Rafał\Documents\3D 01.jpg [2011/03/06 20:02:08 | 004,004,916 | ---- | M] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3 [2011/03/06 18:43:06 | 003,161,057 | ---- | M] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3 [2011/03/06 18:11:21 | 000,000,049 | ---- | M] () -- C:\windows\NeroDigital.ini [2011/03/03 20:01:30 | 006,485,848 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3 [2011/03/03 14:42:41 | 000,017,588 | ---- | M] () -- C:\windows\System32\drivers\etc\services [2011/03/01 19:11:26 | 002,960,430 | ---- | M] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3 [2011/02/25 09:19:23 | 000,467,882 | ---- | M] () -- C:\Users\Rafał\Desktop\0 - 20.mp3 [2011/02/25 09:19:19 | 000,531,601 | ---- | M] () -- C:\Users\Rafał\Desktop\100 -1876.mp3 [2011/02/20 13:49:37 | 012,202,592 | ---- | M] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3 [2011/02/15 09:33:03 | 000,047,104 | ---- | M] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/02/14 12:13:03 | 000,040,602 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg [2011/02/11 18:23:48 | 000,381,554 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Moed_Soerens.mp3 [2011/02/11 18:23:46 | 000,493,149 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion1 Moed Maria 2.mp3 [2011/02/11 18:23:45 | 000,439,232 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Maria_og_Soeren.mp3 [2011/02/10 13:47:18 | 000,013,654 | ---- | M] () -- C:\Users\Rafał\Desktop\Semester_Schedule_4INT_SPRING 2011.pdf [2011/02/04 16:24:01 | 003,889,142 | ---- | M] () -- C:\Users\Rafał\Desktop\Rihanna - S&M.mp3 [2011/02/04 15:30:06 | 003,530,115 | ---- | M] () -- C:\Users\Rafał\Desktop\Tiësto vs. Diplo feat. Busta Rhymes - C'mon (Catch 'Em By Surprise).mp3 [2011/02/02 21:54:05 | 000,023,713 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-02.jpg [2011/01/30 13:18:38 | 000,023,203 | ---- | M] () -- C:\windows\hpqins15.dat [2011/01/30 11:33:44 | 000,211,070 | ---- | M] () -- C:\windows\hpoins18.dat [2011/01/30 11:29:41 | 000,002,069 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011/01/20 21:41:32 | 000,003,120 | ---- | M] () -- C:\windows\System32\ALLFSAF8a.ocx [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/03/16 19:29:39 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\Start ArchiCAD 14.lnk [2011/03/16 19:20:25 | 000,000,858 | ---- | C] () -- C:\Users\Public\Desktop\ArchiCAD 13.lnk [2011/03/16 17:11:32 | 000,339,991 | ---- | C] () -- C:\Users\Rafał\Desktop\RSIT.exe [2011/03/15 21:29:11 | 000,020,082 | ---- | C] () -- C:\windows\vpd.properties [2011/03/15 20:13:35 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [2011/03/15 20:13:35 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk [2011/03/13 20:03:20 | 000,166,584 | ---- | C] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf [2011/03/11 11:34:37 | 000,108,629 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg [2011/03/11 11:17:47 | 000,047,161 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf [2011/03/10 11:39:20 | 000,049,849 | ---- | C] () -- C:\Users\Rafał\Desktop\310.dwg [2011/03/09 20:42:03 | 003,733,661 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3 [2011/03/07 13:29:33 | 000,040,240 | ---- | C] () -- C:\Users\Rafał\Documents\3D 02.jpg [2011/03/07 13:25:39 | 000,041,323 | ---- | C] () -- C:\Users\Rafał\Documents\3D 01.jpg [2011/03/06 19:58:48 | 004,004,916 | ---- | C] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3 [2011/03/06 18:40:24 | 003,161,057 | ---- | C] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3 [2011/03/03 23:45:29 | 000,000,986 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk [2011/03/03 23:44:35 | 000,000,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk [2011/03/03 23:43:32 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk [2011/03/03 23:42:51 | 000,002,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk [2011/03/03 23:42:08 | 000,000,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk [2011/03/03 23:41:04 | 000,000,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk [2011/03/03 23:40:46 | 000,001,365 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk [2011/03/03 23:24:42 | 000,000,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk [2011/03/03 23:23:48 | 000,000,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk [2011/03/03 23:23:26 | 000,000,989 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk [2011/03/03 23:21:58 | 000,001,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk [2011/03/03 23:21:45 | 000,001,477 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2011/03/03 23:21:00 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011/03/03 20:01:12 | 006,485,848 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3 [2011/03/01 19:11:11 | 002,960,430 | ---- | C] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3 [2011/03/01 11:45:52 | 012,202,592 | ---- | C] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3 [2011/02/25 09:19:23 | 000,467,882 | ---- | C] () -- C:\Users\Rafał\Desktop\0 - 20.mp3 [2011/02/25 09:19:18 | 000,531,601 | ---- | C] () -- C:\Users\Rafał\Desktop\100 -1876.mp3 [2011/02/14 12:13:03 | 000,040,602 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg [2011/02/11 18:23:44 | 000,493,149 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion1 Moed Maria 2.mp3 [2011/02/11 18:23:43 | 000,439,232 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Maria_og_Soeren.mp3 [2011/02/11 18:23:30 | 000,381,554 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Moed_Soerens.mp3 [2011/02/10 13:47:18 | 000,013,654 | ---- | C] () -- C:\Users\Rafał\Desktop\Semester_Schedule_4INT_SPRING 2011.pdf [2011/02/04 16:20:41 | 003,889,142 | ---- | C] () -- C:\Users\Rafał\Desktop\Rihanna - S&M.mp3 [2011/02/04 15:27:09 | 003,530,115 | ---- | C] () -- C:\Users\Rafał\Desktop\Tiësto vs. Diplo feat. Busta Rhymes - C'mon (Catch 'Em By Surprise).mp3 [2011/02/02 21:54:05 | 000,023,713 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-02.jpg [2011/01/30 13:14:56 | 000,023,203 | ---- | C] () -- C:\windows\hpqins15.dat [2011/01/30 11:31:06 | 000,001,018 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja programu I.R.I.S. OCR.lnk [2011/01/30 11:29:41 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011/01/30 11:26:48 | 000,211,070 | ---- | C] () -- C:\windows\hpoins18.dat [2011/01/30 11:26:48 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat [2011/01/20 21:41:32 | 000,003,120 | ---- | C] () -- C:\windows\System32\ALLFSAF8a.ocx [2011/01/19 16:43:20 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini [2011/01/19 16:43:19 | 000,000,414 | ---- | C] () -- C:\windows\System32\lame_acm.xml [2011/01/19 16:43:18 | 000,183,808 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2011/01/19 16:43:18 | 000,080,896 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2011/01/19 16:43:18 | 000,000,590 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest [2011/01/12 19:24:23 | 000,000,152 | ---- | C] () -- C:\windows\Aslan.INI [2010/12/19 19:10:52 | 000,000,049 | ---- | C] () -- C:\windows\NeroDigital.ini [2010/12/19 11:25:44 | 000,000,048 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat [2010/12/05 14:10:28 | 000,000,001 | ---- | C] () -- C:\windows\System32\SI.bin [2010/09/04 17:47:43 | 000,087,552 | ---- | C] () -- C:\windows\System32\cpwmon2k.dll [2010/07/31 21:40:41 | 000,066,872 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe [2010/07/31 21:40:40 | 000,138,184 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys [2010/07/31 21:40:36 | 000,183,112 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe [2010/03/01 17:50:08 | 000,000,145 | ---- | C] () -- C:\windows\splendor.ini [2010/03/01 17:46:03 | 000,284,160 | ---- | C] () -- C:\windows\unin0415.exe [2009/12/23 13:51:46 | 002,392,064 | ---- | C] () -- C:\windows\System32\videotrans.dll [2009/12/23 13:51:46 | 000,215,040 | ---- | C] () -- C:\windows\System32\videoformat.dll [2009/12/23 13:51:46 | 000,017,920 | ---- | C] () -- C:\windows\System32\videocore.dll [2009/12/23 13:51:45 | 000,061,440 | ---- | C] () -- C:\windows\System32\imgscaler.dll [2009/12/23 13:51:45 | 000,022,016 | ---- | C] () -- C:\windows\System32\img_utils.dll [2009/12/23 13:51:43 | 000,128,512 | ---- | C] () -- C:\windows\System32\xvid.dll [2009/12/21 18:03:39 | 000,210,032 | ---- | C] () -- C:\windows\System32\DBCLIENT.DLL [2009/11/03 19:08:37 | 000,047,104 | ---- | C] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/10/31 14:55:27 | 000,138,056 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\PnkBstrK.sys [2009/10/31 14:55:10 | 002,250,024 | ---- | C] () -- C:\windows\System32\pbsvc.exe [2009/10/31 12:05:27 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll [2009/10/30 13:54:16 | 006,055,325 | -H-- | C] () -- C:\Users\Rafał\AppData\Local\IconCache.db [2009/10/30 13:50:28 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini [2009/10/30 13:43:20 | 000,148,656 | ---- | C] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT [2009/10/30 13:37:20 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2009/09/28 19:14:04 | 000,734,536 | ---- | C] () -- C:\windows\System32\perfh015.dat [2009/09/28 19:14:04 | 000,337,158 | ---- | C] () -- C:\windows\System32\perfi015.dat [2009/09/28 19:14:04 | 000,148,904 | ---- | C] () -- C:\windows\System32\perfc015.dat [2009/09/28 19:14:04 | 000,038,710 | ---- | C] () -- C:\windows\System32\perfd015.dat [2009/09/28 19:00:26 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe [2009/09/28 19:00:26 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe [2009/09/28 18:28:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2009/09/28 09:22:00 | 000,315,392 | ---- | C] () -- C:\windows\System32\drivers\yk62x86.sys [2009/09/28 03:11:13 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe [2009/09/28 02:42:20 | 000,311,296 | ---- | C] () -- C:\windows\System32\Rezip.exe [2009/07/26 21:06:02 | 001,654,586 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI [2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009/07/14 05:33:53 | 004,006,464 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT [2009/07/14 03:05:48 | 000,653,898 | ---- | C] () -- C:\windows\System32\perfh009.dat [2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat [2009/07/14 03:05:48 | 000,121,090 | ---- | C] () -- C:\windows\System32\perfc009.dat [2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat [2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT [2009/07/14 03:04:57 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini [2009/07/14 03:04:23 | 000,000,545 | ---- | C] () -- C:\windows\win.ini [2009/07/14 03:04:23 | 000,000,219 | ---- | C] () -- C:\windows\system.ini [2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat [2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin [2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin [2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin [2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin [2009/07/13 22:41:56 | 000,053,552 | ---- | C] () -- C:\windows\System32\dosx.exe [2009/07/13 22:41:05 | 000,000,718 | ---- | C] () -- C:\windows\System32\mscdexnt.exe [2009/07/13 22:41:04 | 000,002,842 | ---- | C] () -- C:\windows\System32\redir.exe [2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\share.exe [2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\fastopen.exe [2009/07/13 22:41:01 | 000,019,694 | ---- | C] () -- C:\windows\System32\GRAPHICS.COM [2009/07/13 22:40:59 | 000,014,710 | ---- | C] () -- C:\windows\System32\KB16.COM [2009/07/13 22:40:57 | 000,007,052 | ---- | C] () -- C:\windows\System32\nlsfunc.exe [2009/07/13 22:40:57 | 000,001,131 | ---- | C] () -- C:\windows\System32\LOADFIX.COM [2009/07/13 22:40:56 | 000,039,274 | ---- | C] () -- C:\windows\System32\mem.exe [2009/07/13 22:40:54 | 000,011,753 | ---- | C] () -- C:\windows\System32\setver.exe [2009/07/13 22:40:52 | 000,020,634 | ---- | C] () -- C:\windows\System32\debug.exe [2009/07/13 22:40:51 | 000,008,424 | ---- | C] () -- C:\windows\System32\exe2bin.exe [2009/07/13 22:40:50 | 000,012,642 | ---- | C] () -- C:\windows\System32\edlin.exe [2009/07/13 22:40:49 | 000,012,498 | ---- | C] () -- C:\windows\System32\append.exe [2009/07/13 22:40:48 | 000,050,648 | ---- | C] () -- C:\windows\System32\COMMAND.COM [2009/07/13 22:40:44 | 000,027,097 | ---- | C] () -- C:\windows\System32\country.sys [2009/07/13 22:40:43 | 000,042,809 | ---- | C] () -- C:\windows\System32\KEY01.SYS [2009/07/13 22:40:43 | 000,042,537 | ---- | C] () -- C:\windows\System32\KEYBOARD.SYS [2009/07/13 22:40:41 | 000,009,029 | ---- | C] () -- C:\windows\System32\ANSI.SYS [2009/07/13 22:40:40 | 000,004,768 | ---- | C] () -- C:\windows\System32\HIMEM.SYS [2009/07/13 22:40:39 | 000,029,274 | ---- | C] () -- C:\windows\System32\NTDOS412.SYS [2009/07/13 22:40:35 | 000,029,370 | ---- | C] () -- C:\windows\System32\NTDOS411.SYS [2009/07/13 22:40:31 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS404.SYS [2009/07/13 22:40:27 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS804.SYS [2009/07/13 22:40:23 | 000,027,866 | ---- | C] () -- C:\windows\System32\NTDOS.SYS [2009/07/13 22:40:19 | 000,035,536 | ---- | C] () -- C:\windows\System32\NTIO412.SYS [2009/07/13 22:40:17 | 000,035,776 | ---- | C] () -- C:\windows\System32\NTIO411.SYS [2009/07/13 22:40:15 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO404.SYS [2009/07/13 22:40:13 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO804.SYS [2009/07/13 22:40:11 | 000,033,952 | ---- | C] () -- C:\windows\System32\NTIO.SYS [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\System32\msjetoledb40.dll [2009/07/13 21:29:46 | 000,013,312 | ---- | C] () -- C:\windows\System32\win87em.dll [2009/06/18 19:29:04 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat [2009/06/10 22:42:32 | 000,069,886 | ---- | C] () -- C:\windows\System32\edit.com [2009/06/10 22:39:59 | 000,060,124 | ---- | C] () -- C:\windows\System32\tcpmon.ini [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat [2009/04/22 00:19:06 | 000,172,173 | ---- | C] () -- C:\windows\System32\xlive.dll.cat [color=#E56717]========== LOP Check ==========[/color] [2010/06/28 09:55:22 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\AnvSoft [2010/07/10 17:19:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Ashampoo [2011/03/03 20:24:07 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Autodesk [2010/12/18 21:35:13 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\BatteryCare [2009/12/06 14:51:50 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DAEMON Tools Lite [2011/03/16 20:11:11 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Dropbox [2010/12/05 19:28:57 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Efficient Sticky Notes [2011/01/14 11:13:19 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\EuroTalk [2010/01/01 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu [2010/01/01 13:33:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu 10 [2010/07/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gmail Notifier Plus [2010/01/09 15:58:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\ipla [2009/10/31 12:42:42 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Leadertech [2009/11/02 11:51:06 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu [2009/11/02 12:42:14 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\OpenFM [2010/06/24 11:48:32 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\PC Suite [2010/06/30 21:17:58 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\r2 Studios [2009/10/31 14:47:31 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Red Alert 3 [2010/11/29 13:34:37 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Stardock [2011/01/20 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thinstall [2010/02/27 14:44:05 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thunderbird [2011/03/15 22:07:33 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\uTorrent [2010/11/22 10:53:45 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Xerox [2011/03/16 20:08:56 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2011/03/16 20:08:34 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys [2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011/03/16 20:08:37 | 3215,577,088 | -HS- | M] () -- C:\pagefile.sys [2009/09/28 02:37:48 | 000,002,003 | ---- | M] () -- C:\RHDSetup.log [2009/09/28 03:09:41 | 000,000,166 | ---- | M] () -- C:\Setup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 3/16/2011 8:28:03 PM - Run 3 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 45.28 Gb Total Space | 9.49 Gb Free Space | 20.95% Space Free | Partition Type: NTFS Drive D: | 237.71 Gb Total Space | 24.39 Gb Free Space | 10.26% Space Free | Partition Type: NTFS Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- Reg Error: Value error. https [open] -- Reg Error: Value error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- D:\Program Files\Adobe\Photoshop\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002DD827-7FAC-A09F-7382-BCF61E6744C8}" = CCC Help Portuguese "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater "{0C255F02-22AF-F50B-E945-B8D763E1A077}" = CCC Help Greek "{0C5F09B4-5C7A-6F41-89F4-65B419A639B9}" = CCC Help Chinese Standard "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4 "{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager "{180641E1-F6C2-6053-1022-78B9C49D173D}" = CCC Help Finnish "{18A2FD82-910A-0208-3AE1-169E92F2AFA4}" = CCC Help Dutch "{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client "{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{2822F016-69E9-A368-B612-685CCF4A9B83}" = CCC Help English "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{2A07F8DD-96E5-8A5D-3C6A-D60F38D1F34B}" = CCC Help Turkish "{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{2D397BD2-ED49-F9B9-4F65-D60D00AD6C5F}" = CCC Help Norwegian "{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{30C4566A-85AC-1713-71B2-3BE50C7146F8}" = CCC Help Thai "{3380D2BE-EAE4-034C-1096-3CA28F82A2F9}" = CCC Help French "{3920C82C-C03F-0D90-8009-CBFD8CF0214B}" = ccc-utility "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1 "{3EB37B26-432C-467C-9FBC-9BDA0E6FBDD7}" = Catalyst Control Center InstallProxy "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{4037A2B9-A976-4538-8B08-A0D95B637F35}" = C5100 "{4067974F-F2E5-5893-E7A3-10C345089305}" = CCC Help Polish "{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup "{4177BBB8-D654-4364-A898-BA00A68D7897}" = CCC Help Swedish "{41CD70E9-E193-8358-A837-A3A900565840}" = CCC Help Russian "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{44B4C2E3-D570-16B4-8CED-3D83AAF5D6F7}" = Catalyst Control Center Localization All "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4 "{473937BF-F1ED-764D-01A8-12A672DED3E0}" = CCC Help Spanish "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4ac40384-37ba-421c-b14c-2ecbe4403817}" = Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007 "{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23}" = Autodesk Revit Architecture 2011 "{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 "{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center "{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{4ECC1D06-672F-2935-E570-CA2D210AE0CE}" = Catalyst Control Center InstallProxy "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{5783F2D7-9001-0409-0002-0060B0CE6BBA}" = AutoCAD 2011 - English "{5783F2D7-9001-0409-1002-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - English "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{6053FE9B-5473-41D6-AEBF-AD6F98138191}" = Windows Live Movie Maker "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{6406E3EA-9777-45B7-A0C0-89741E629352}" = Composite 2011 "{67574624-BF0F-0409-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-bit "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Twierdza Krzyżowiec "{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011 "{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer "{8D7CCD59-BEBB-57D4-23EC-B9A9DB173EAA}" = Catalyst Control Center Graphics Previews Vista "{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime "{8EE4C584-C82E-9BE3-41C1-BC2A53774DE6}" = CCC Help Korean "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{94A4609B-0414-4427-81F3-0FD282A2D0D3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs "{90120000-00B1-0409-0000-0000000FF1CE}" = Microsoft Save as XPS Add-in for 2007 Microsoft Office programs "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{940C416E-1BE6-58C0-949E-1A588349B0C7}" = CCC Help Hungarian "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58 "{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library "{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live "{99F80251-DAE8-0409-BD08-DCBBEF56B8CB}" = Autodesk 3ds Max 2011 32-bit Components "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AB614A6-719C-4A6E-A63E-831E0A35F62A}" = Windows Live Writer "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}" = Galeria fotografii usługi Windows Live "{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011 "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{A1802E07-1CC7-4CD1-AFBF-E2CC94B99046}" = Crypt4Free "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2F34AF5-E329-444C-BD1B-137637AB23AD}" = BatteryCare "{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Składniki łączności pakietu Microsoft Office Small Business "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4 "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4 "{B15A87DC-46AC-D726-E2F5-06A3D5F35C06}" = ATI Catalyst Install Manager "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 "{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager "{B7D833B7-915D-C859-D7A6-3639423E878C}" = CCC Help Danish "{B9F76257-02B5-EB70-2A72-6D56C9359985}" = CCC Help Italian "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BB778F28-FD55-C8FD-8E0B-482814C05D6B}" = CCC Help Chinese Traditional "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter "{BF076135-7D69-3255-D72B-487E67146727}" = CCC Help Japanese "{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{CA9483A2-742A-4A72-881D-B81C6B1ACB3E}" = Google SketchUp Pro 7 "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CB829D09-6426-F17D-C95D-303A6613A190}" = ccc-core-static "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library "{D1399216-81B2-457C-A0F7-73B9A2EF6902}" = PDFill PDF Editor with FREE Writer and FREE Tools "{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program "{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4 "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5A5844F-80CB-665D-0AF9-9D712F4E6238}" = CCC Help German "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software "{F88335A8-CA7B-41DE-B37D-81306C73B507}" = Bezpieczeństwo rodzinne usługi Windows Live "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{F958FF6B-B2B8-03F6-B56D-7D5E04768AA8}" = CCC Help Czech "{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "001FFF1FFF13FF00FF0701F00F02F000-R1" = ArchiCAD 13 INT "001FFF1FFF14FF00FF0701F01F02F000-R1" = ArchiCAD 14 INT "048FFFFFFF13FF00FF0701F00F02F000-R1" = ArchiCAD Essentials Interactive Training Guide "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "5e6c9151" = Contextual Tool Yourprofitclub "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe SVG Viewer" = Adobe SVG Viewer 3.0 "Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4 "Akamai" = Akamai NetSession Interface "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1 "Audacity_is1" = Audacity 1.2.6 "AutoCAD 2011 - English" = AutoCAD 2011 - English "Autodesk Design Review 2011" = Autodesk Design Review 2011 "Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 "Autodesk Revit Architecture 2011" = Autodesk Revit Architecture 2011 "Autodesk Revit Architecture 2011 SP2" = Autodesk Revit Architecture 2011 x86 Update 2 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4 "AVS4YOU Video Converter 6_is1" = AVS Video Converter 6 "Be06v4" = Be06v4 "Business Contact Manager" = Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "CutePDF Writer Installation" = CutePDF Writer 2.8 "Edraw Max_is1" = Edraw Max 5.2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "FastStone Capture" = FastStone Capture 5.3 "Fences" = Fences "Gadu-Gadu 10" = Gadu-Gadu 10 "HDD Health_is1" = HDD Health v3.3 Beta "Heroes of Might and Magic® III" = Heroes of Might and Magic® III "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full) "Magic ISO Maker v5.5 (build 0265)" = Magic ISO Maker v5.5 (build 0265) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15) "Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1) "NapiProjekt_is1" = NapiProjekt 1.0.6.5 "Picasa 3" = Picasa 3 "Polskie Normy i prawo budowlane_is1" = Polskie Normy i prawo budowlane "RealAlt_is1" = Real Alternative 2.0.1 "Shop for HP Supplies" = Shop for HP Supplies "sp6" = Logitech SetPoint 6.20 "ST6UNST #1" = EngiLab Beam.2D ML v1.20 "StarCraft II" = StarCraft II "SynTPDeinstKey" = Synaptics Pointing Device Driver "uTorrent" = µTorrent "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "Virtual DJ 5.2 (Crack v2)" = Virtual DJ 5.2 (Crack v2) "V-Ray for SketchUp 1.48.89" = V-Ray for SketchUp "WheelMouse" = 2X-Office 7.80 "Winamp" = Winamp "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "WinRAR archiver" = Archiwizator WinRAR "Wise Disk Cleaner_is1" = Wise Disk Cleaner 4.84 "Wise Registry Cleaner_is1" = Wise Registry Cleaner 4 Free 4.92 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BankBrowser" = BankBrowser "Dropbox" = Dropbox "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 3/6/2011 5:31:15 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/7/2011 3:28:33 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/7/2011 7:56:59 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/7/2011 9:20:06 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/7/2011 4:44:01 PM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/8/2011 3:06:57 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/8/2011 3:36:23 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/9/2011 11:28:03 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/10/2011 3:27:16 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = Error - 3/10/2011 11:40:58 AM | Computer Name = Notebook | Source = Schedule | ID = 0 Description = [ OSession Events ] Error - 10/8/2010 3:41:09 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 33 seconds with 0 seconds of active time. This session ended with a crash. Error - 10/8/2010 8:35:05 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 114 seconds with 60 seconds of active time. This session ended with a crash. Error - 10/8/2010 8:35:43 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash. Error - 1/9/2011 9:01:24 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 3/16/2011 1:09:12 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7034 Description = Usługa AMD External Events Utility niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 3/16/2011 1:10:07 PM | Computer Name = Notebook | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 3/16/2011 1:10:07 PM | Computer Name = Notebook | Source = atikmdag | ID = 43029 Description = Display is not active Error - 3/16/2011 1:10:13 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7001 Description = Usługa SBSD Security Center Service zależy od usługi Centrum zabezpieczeń, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 3/16/2011 3:01:17 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7034 Description = Usługa AMD External Events Utility niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 3/16/2011 3:08:54 PM | Computer Name = Notebook | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 20:00:58 na ?2011-?03-?16 było nieoczekiwane. Error - 3/16/2011 3:08:40 PM | Computer Name = Notebook | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 3/16/2011 3:08:40 PM | Computer Name = Notebook | Source = atikmdag | ID = 43029 Description = Display is not active Error - 3/16/2011 3:08:58 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7001 Description = Usługa SBSD Security Center Service zależy od usługi Centrum zabezpieczeń, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 3/16/2011 3:10:54 PM | Computer Name = Notebook | Source = DCOM | ID = 10010 Description = < End of report > [/log] nowe RSIT [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Rafał at 2011-03-16 20:28:23 Microsoft Windows 7 Home Premium System drive C: has 10 GB (21%) free of 46 GB Total RAM: 3067 MB (59% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:28:29, on 2011-03-16 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\A4Tech\Mouse\Amoumain.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Skype\Phone\Skype.exe D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe D:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Rafał\Desktop\Programy\Gmail Notifier Plus.exe D:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Rafał\Desktop\OTL.exe C:\Users\Rafał\Desktop\RSIT.exe C:\windows\system32\SearchFilterHost.exe C:\Program Files\trend micro\Rafał.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ˙ţ127.0.0.1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [YouCam Mirage] "d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe" O4 - HKLM\..\Run: [YouCam Tray] "d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe" /s O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Startup: Dropbox.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe O15 - Trusted Zone: http://print.viauc.dk O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit (mi-raysat_3dsmax2011_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 10967 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-02 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-19 7711264] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-15 1541416] "StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2009-03-08 73728] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2008-03-06 241664] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768] "EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272] "hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648] "SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "YouCam Mirage"=d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe [2010-08-20 136488] "YouCam Tray"=d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe [2011-01-19 162912] "Adobe Acrobat Speed Launcher"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760] "Acrobat Assistant 8.0"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144] "QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088] "Google Update"=C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 136176] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .scr - open - C:\windows\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2011-03-16 19:17:27 ----D---- C:\Program Files\Common Files\Graphisoft Shared 2011-03-16 18:09:11 ----D---- C:\_OTL 2011-03-16 17:11:42 ----D---- C:\rsit 2011-03-16 17:11:42 ----D---- C:\Program Files\trend micro 2011-03-15 10:51:46 ----D---- C:\windows\XSxS 2011-03-15 10:51:46 ----D---- C:\Program Files\Xenocode 2011-03-05 19:47:41 ----D---- C:\windows\system32\Wat 2011-03-05 19:42:27 ----A---- C:\windows\system32\drivers\sffp_sd.sys 2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\usbvideo.sys 2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\ks.sys 2011-03-05 19:42:21 ----A---- C:\windows\system32\wcncsvc.dll 2011-03-05 19:42:14 ----A---- C:\windows\system32\mshtml.dll 2011-03-05 19:42:10 ----A---- C:\windows\system32\iertutil.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\mstime.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeedsbs.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeeds.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\licmgr10.dll 2011-03-05 19:42:09 ----A---- C:\windows\system32\iedkcs32.dll 2011-03-05 19:42:08 ----A---- C:\windows\system32\mshtmled.dll 2011-03-05 19:42:08 ----A---- C:\windows\system32\msfeedssync.exe 2011-03-05 19:42:08 ----A---- C:\windows\system32\iepeers.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\mf.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\FntCache.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\DWrite.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\d3d10warp.dll 2011-03-05 19:41:46 ----A---- C:\windows\system32\d2d1.dll 2011-03-05 19:41:45 ----A---- C:\windows\system32\WMVDECOD.DLL 2011-03-05 19:41:45 ----A---- C:\windows\system32\mfreadwrite.dll 2011-03-05 19:41:45 ----A---- C:\windows\system32\ExplorerFrame.dll 2011-03-05 19:41:45 ----A---- C:\windows\system32\d3d10_1core.dll 2011-03-05 19:41:44 ----A---- C:\windows\system32\XpsRasterService.dll 2011-03-05 19:41:43 ----A---- C:\windows\system32\upnp.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\wininet.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\urlmon.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\msxml6.dll 2011-03-05 19:41:42 ----A---- C:\windows\system32\ieframe.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\wscsvc.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\wscapi.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\winhttp.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\WebClnt.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\slwga.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\msxml3.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\jsproxy.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\ieui.dll 2011-03-05 19:41:41 ----A---- C:\windows\system32\davclnt.dll 2011-03-05 19:41:37 ----A---- C:\windows\system32\tzres.dll 2011-03-05 19:41:33 ----A---- C:\windows\system32\ntoskrnl.exe 2011-03-05 19:41:33 ----A---- C:\windows\system32\ntkrnlpa.exe 2011-03-05 19:41:33 ----A---- C:\windows\system32\ntdll.dll 2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc_isv.dll 2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc.dll 2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp_isv.dll 2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp.dll 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp.exe 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_isv.exe 2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate.exe 2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsPrint.dll 2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsGdiConverter.dll 2011-03-05 19:41:29 ----A---- C:\windows\system32\odbc32.dll 2011-03-05 19:41:29 ----A---- C:\windows\system32\kerberos.dll 2011-03-05 19:41:28 ----A---- C:\windows\system32\consent.exe 2011-03-05 19:41:27 ----A---- C:\windows\system32\wmicmiplugin.dll 2011-03-05 19:41:27 ----A---- C:\windows\system32\taskschd.dll 2011-03-05 19:41:27 ----A---- C:\windows\system32\taskeng.exe 2011-03-05 19:41:27 ----A---- C:\windows\system32\taskcomp.dll 2011-03-05 19:41:27 ----A---- C:\windows\system32\schtasks.exe 2011-03-05 19:41:27 ----A---- C:\windows\system32\schedsvc.dll 2011-03-05 19:41:26 ----A---- C:\windows\system32\oleaut32.dll 2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\fvevol.sys 2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\Diskdump.sys 2011-03-05 19:41:25 ----A---- C:\windows\system32\win32k.sys 2011-03-05 19:41:24 ----A---- C:\windows\system32\webio.dll 2011-03-05 19:41:24 ----A---- C:\windows\system32\atmlib.dll 2011-03-05 19:41:24 ----A---- C:\windows\system32\atmfd.dll 2011-03-05 19:41:22 ----A---- C:\windows\system32\CPFilters.dll 2011-03-05 19:41:21 ----A---- C:\windows\system32\psisdecd.dll 2011-03-05 19:41:21 ----A---- C:\windows\system32\msdri.dll 2011-03-05 19:41:19 ----A---- C:\windows\system32\vbscript.dll 2011-03-05 19:41:19 ----A---- C:\windows\system32\jscript.dll 2011-03-05 19:40:49 ----A---- C:\windows\system32\d3d10_1.dll 2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgmms1.sys 2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgkrnl.sys 2011-03-05 19:39:28 ----A---- C:\windows\system32\cdd.dll 2011-03-05 17:48:07 ----D---- C:\Users\Rafał\AppData\Roaming\Malwarebytes 2011-03-05 17:48:02 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys 2011-03-05 17:48:00 ----D---- C:\ProgramData\Malwarebytes 2011-03-05 17:47:57 ----A---- C:\windows\system32\drivers\mbam.sys 2011-03-03 23:25:44 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2011-03-03 23:22:22 ----D---- C:\Program Files\Adobe Media Player 2011-03-03 23:20:58 ----D---- C:\Program Files\Common Files\Adobe AIR 2011-03-03 15:45:20 ----D---- C:\windows\system32\Adobe 2011-03-03 14:48:13 ----D---- C:\ProgramData\ASGVIS 2011-03-01 21:18:04 ----D---- C:\windows\Freecorder 2011-02-27 10:38:58 ----D---- C:\Program Files\Common Files\Skype ======List of files/folders modified in the last 1 months====== 2011-03-16 20:11:25 ----D---- C:\windows\Temp 2011-03-16 20:11:25 ----D---- C:\Users\Rafał\AppData\Roaming\Skype 2011-03-16 20:11:11 ----D---- C:\Users\Rafał\AppData\Roaming\Dropbox 2011-03-16 20:08:58 ----D---- C:\Program Files\Common Files\Akamai 2011-03-16 20:01:19 ----D---- C:\windows\Tasks 2011-03-16 19:27:47 ----D---- C:\Windows 2011-03-16 19:17:27 ----D---- C:\Program Files\Common Files 2011-03-16 19:12:44 ----SHD---- C:\windows\Installer 2011-03-16 19:12:44 ----HD---- C:\Config.Msi 2011-03-16 18:09:14 ----D---- C:\windows\System32 2011-03-16 17:11:42 ----RD---- C:\Program Files 2011-03-16 17:06:17 ----D---- C:\Users\Rafał\AppData\Roaming\skypePM 2011-03-15 22:07:33 ----D---- C:\Users\Rafał\AppData\Roaming\uTorrent 2011-03-15 21:30:24 ----D---- C:\Program Files\Internet Explorer 2011-03-15 21:30:02 ----D---- C:\Program Files\Common Files\Apple 2011-03-15 20:17:54 ----D---- C:\Program Files\Adobe 2011-03-15 20:14:23 ----D---- C:\Program Files\Common Files\Adobe 2011-03-15 20:14:11 ----D---- C:\windows\system32\DriverStore 2011-03-15 20:14:11 ----D---- C:\windows\inf 2011-03-15 20:11:41 ----RSD---- C:\windows\Fonts 2011-03-15 10:54:02 ----D---- C:\ProgramData\Microsoft Help 2011-03-15 10:54:02 ----A---- C:\windows\win.ini 2011-03-15 08:32:20 ----D---- C:\windows\system32\NDF 2011-03-12 23:12:23 ----D---- C:\windows\system32\drivers 2011-03-12 23:12:23 ----D---- C:\windows\ShellNew 2011-03-12 16:44:01 ----SHD---- C:\System Volume Information 2011-03-11 14:53:39 ----D---- C:\windows\system32\catroot 2011-03-11 14:53:36 ----HD---- C:\Program Files\InstallShield Installation Information 2011-03-11 14:53:08 ----AD---- C:\ProgramData\Temp 2011-03-11 14:35:54 ----D---- C:\ProgramData\CyberLink 2011-03-11 14:12:03 ----D---- C:\Program Files\CyberLink 2011-03-11 13:26:22 ----D---- C:\Users\Rafał\AppData\Roaming\CyberLink 2011-03-10 13:55:06 ----A---- C:\windows\system32\PerfStringBackup.INI 2011-03-10 09:53:05 ----SD---- C:\Users\Rafał\AppData\Roaming\Microsoft 2011-03-07 22:10:32 ----D---- C:\windows\system32\wdi 2011-03-06 18:11:21 ----A---- C:\windows\NeroDigital.ini 2011-03-05 20:25:24 ----D---- C:\windows\Microsoft.NET 2011-03-05 20:24:34 ----RSD---- C:\windows\assembly 2011-03-05 19:53:24 ----D---- C:\windows\system32\config 2011-03-05 19:49:55 ----D---- C:\windows\winsxs 2011-03-05 19:47:44 ----D---- C:\windows\system32\pl-PL 2011-03-05 19:47:44 ----D---- C:\windows\ehome 2011-03-05 19:47:44 ----D---- C:\Program Files\Windows Mail 2011-03-05 19:47:43 ----D---- C:\windows\AppPatch 2011-03-05 19:47:42 ----D---- C:\windows\system32\migration 2011-03-05 19:42:27 ----D---- C:\windows\system32\catroot2 2011-03-05 18:12:07 ----D---- C:\windows\Prefetch 2011-03-05 17:48:00 ----HD---- C:\ProgramData 2011-03-05 17:42:25 ----D---- C:\windows\system32\drivers\etc 2011-03-05 17:37:15 ----D---- C:\windows\system32\Tasks 2011-03-03 23:49:18 ----D---- C:\Users\Rafał\AppData\Roaming\Adobe 2011-03-03 23:47:57 ----D---- C:\ProgramData\FLEXnet 2011-03-03 23:45:32 ----D---- C:\ProgramData\Adobe 2011-03-03 23:34:20 ----D---- C:\Users\Rafał\AppData\Roaming\WinRAR 2011-03-03 20:24:07 ----D---- C:\Users\Rafał\AppData\Roaming\Autodesk 2011-03-03 20:24:07 ----D---- C:\ProgramData\Autodesk 2011-03-03 14:44:09 ----D---- C:\Program Files\Autodesk 2011-03-03 14:09:16 ----D---- C:\windows\Downloaded Program Files ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R1 Amfilter;A4Tech Mouse Filter Driver; C:\windows\system32\DRIVERS\Amfilter.sys [2007-01-25 8704] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2010-12-22 135096] R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-09-16 214664] R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 10752] R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2010-12-04 61960] R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560] R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2010-08-20 27632] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-08-19 2752352] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328] R3 rtl819xp;Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-) Realtek RTL8190/RTL8192E 802.11n; C:\windows\system32\DRIVERS\rtl819xp.sys [2010-02-01 557088] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-15 212656] R3 VMC326;Vimicro Camera Service VMC326; C:\windows\System32\Drivers\VMC326.sys [2009-08-10 237696] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336] S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-21 1161760] S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\windows\system32\DRIVERS\Amusbprt.sys [2007-12-26 14336] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816] S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704] S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880] S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864] S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176] S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480] S3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2009-09-16 79816] S3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2009-09-16 35272] S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2009-09-16 34248] S3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2009-09-16 40552] S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176] S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776] S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192] S3 usbscan;Sterownik skanera USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-07-14 27648] S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192] S3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2009-05-23 29696] S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944] S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-28 14336] R2 Akamai;Akamai NetSession Interface; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-18 176128] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-12 267944] R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit; D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016] R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys [2010-11-01 532480] R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] R2 yksvc;Marvell Yukon Service; C:\windows\System32\svchost.exe [2009-07-14 20992] R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 20992] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-04 136176] S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-05 1322648] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-26 1045256] S3 fsssvc;Funkcja Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840] S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-05 1343400] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272] S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544] -----------------EOF----------------- [/log]
Tomek01 komentarz 16 marca 2011 komentarz 16 marca 2011 Podmieniłbym na Twoim miejscu C:\Windows\System32\rundll32.exe z płytki. Bo jak mówiłem jest dla mnie podejrzany. Nic tu specjalnego nie widać W OTL wciśnij CleanUp.
raasky komentarz 17 marca 2011 Autor komentarz 17 marca 2011 pliki systemowe podmieniłem z płytki recovery, wszystko śmiga jak należy, a co to były te chińskie znaczki? bardzo dziękuję za pomoc!
Tomek01 komentarz 17 marca 2011 komentarz 17 marca 2011 Zabezpiecz się jeszcze przed intruzami, Użyj [url="http://www.dobreprogramy.pl/Windows-Worms-Doors-Cleaner,Program,Windows,11744.html"][b][color="#0000FF"]WWDC[/color][/b][/url], pozamykaj robaczywe porty. Tak aby znaczki były na zielono (dopuszczalny jest jeden żółty). Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.