x-kom hosting

zamulanie kompa, brak paska jezyka, logi OTL

raasky
utworzono
utworzono (edytowane)

Witam, od paru dni bardzo zamula mi komp, przy czyszczeniu rejestru wyskakuje 3x wiecej problemow do naprawienia niz zwykle. Zniknal mi pasek jezyka z paska zadan w windows 7, zostal zmieniony na PL 214, ale w skype dziala PL programisty. Nie pomaga zaznaczenie opcji pokaz dodatkowe ikony paska jezyka czy pasek jezyka na wierzchu pulpitu. Usunalem z listy wszystkie klawiatury oprócz PL programisty i 214, ktora jest domyslna i nie moge jej usunac, a mimo wszystko dalej wszedzie oprócz czatu w skype pisze w PL 214 :?
Prosze o pomoc!
Podaje logi z OTL
[log]OTL logfile created on: 3/15/2011 11:35:07 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 45.28 Gb Total Space | 8.15 Gb Free Space | 17.99% Space Free | Partition Type: NTFS
Drive D: | 237.71 Gb Total Space | 26.38 Gb Free Space | 11.10% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
PRC - [2011/03/13 21:44:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/11/09 21:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys
PRC - [2010/10/29 00:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/09/04 04:20:40 | 003,845,000 | ---- | M] (Autodesk, Inc.) -- D:\Program Files\Autodesk\Revit Architecture 2011\Program\Revit.exe
PRC - [2010/08/26 15:32:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010/08/20 10:49:04 | 000,136,488 | ---- | M] (CyberLink) -- D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe
PRC - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/05/20 06:32:50 | 000,442,808 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\WSCommCntr2.exe
PRC - [2010/03/22 18:51:56 | 002,088,448 | ---- | M] (Baptiste Girod) -- C:\Users\Rafał\Desktop\Programy\Gmail Notifier Plus.exe
PRC - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
PRC - [2010/02/26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/08/18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe
PRC - [2009/01/26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/03/06 09:12:58 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011/03/05 19:42:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/05 10:42:03 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai)
SRV - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys -- (PrismXL)
SRV - [2010/10/28 11:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/08/26 15:32:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/04/27 12:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/28 09:22:00 | 000,364,544 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc)
SRV - [2009/09/23 16:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/06/05 22:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service)
SRV - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010/12/22 15:27:35 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/04 15:20:30 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/08/24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/08/24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/08/20 10:49:06 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010/06/17 15:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/02/26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/02/01 12:30:32 | 000,557,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl819xp.sys -- (rtl819xp) Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-)
DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/08/18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/08/10 19:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326)
DRV - [2009/07/21 23:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/12/26 02:08:38 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007/01/25 02:46:50 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=pl&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/30 13:15:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011/03/13 21:44:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011/03/13 21:44:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: d:\Program Files\Mozilla Thunderbird\components [2010/02/27 14:44:05 | 000,000,000 | ---D | M]

[2011/01/02 08:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions
[2010/02/27 14:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\personas@christopher.beard
[2011/03/14 13:45:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions
[2011/03/12 13:30:19 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/02/19 16:16:22 | 000,000,000 | ---D | M] (Easy DragToGo) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{21cfaec0-dbb3-11dc-95ff-0800200c9a66}
[2011/01/02 20:22:13 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2011/01/02 20:22:13 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/03/12 13:30:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/02 20:14:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/12 13:30:19 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2011/01/26 19:41:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/02/19 16:16:22 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\collector@broceliand.fr
[2011/01/02 20:22:13 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\smarterwiki@wikiatic.com
[2011/01/02 20:22:12 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\youtube2mp3@mondayx.de

O1 HOSTS File: ([2011/03/05 17:42:25 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [YouCam Mirage] d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\..Trusted Domains: viauc.dk ([print] http in Zaufane witryny)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.253.22.140 10.253.22.141
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - D:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell - "" = AutoRun
O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/03/15 11:29:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
[2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\windows\XSxS
[2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2011/03/15 10:47:14 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Flash Plaer
[2011/03/13 20:12:21 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\ArchiCAD 13
[2011/03/13 19:59:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Staircase Analisys
[2011/03/13 12:56:33 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Autodesk, Inc
[2011/03/11 15:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Avatar
[2011/03/11 15:06:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\CyberLink
[2011/03/11 14:52:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2011/03/11 13:26:23 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\CyberLink
[2011/03/10 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
[2011/03/10 09:59:43 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Files from Internet
[2011/03/10 09:56:53 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\My Files
[2011/03/10 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Lectures
[2011/03/06 15:12:46 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Podatki
[2011/03/05 19:47:41 | 000,000,000 | ---D | C] -- C:\windows\System32\Wat
[2011/03/05 19:42:24 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys
[2011/03/05 19:42:09 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011/03/05 19:42:09 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011/03/05 19:42:09 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011/03/05 19:42:09 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011/03/05 19:42:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011/03/05 19:42:08 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011/03/05 19:42:08 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011/03/05 19:42:08 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011/03/05 19:42:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011/03/05 19:41:46 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll
[2011/03/05 19:41:46 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll
[2011/03/05 19:41:46 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2011/03/05 19:41:46 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll
[2011/03/05 19:41:45 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2011/03/05 19:41:45 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll
[2011/03/05 19:41:45 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2011/03/05 19:41:45 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll
[2011/03/05 19:41:44 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll
[2011/03/05 19:41:43 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\upnp.dll
[2011/03/05 19:41:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011/03/05 19:41:41 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\davclnt.dll
[2011/03/05 19:41:41 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wscapi.dll
[2011/03/05 19:41:41 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011/03/05 19:41:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\slwga.dll
[2011/03/05 19:41:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2011/03/05 19:41:33 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2011/03/05 19:41:33 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2011/03/05 19:41:32 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc.dll
[2011/03/05 19:41:32 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_isv.dll
[2011/03/05 19:41:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_isv.exe
[2011/03/05 19:41:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate.exe
[2011/03/05 19:41:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp.exe
[2011/03/05 19:41:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp_isv.exe
[2011/03/05 19:41:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp_isv.dll
[2011/03/05 19:41:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp.dll
[2011/03/05 19:41:30 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2011/03/05 19:41:30 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2011/03/05 19:41:29 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbc32.dll
[2011/03/05 19:41:28 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe
[2011/03/05 19:41:27 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskschd.dll
[2011/03/05 19:41:27 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmicmiplugin.dll
[2011/03/05 19:41:27 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskcomp.dll
[2011/03/05 19:41:27 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schtasks.exe
[2011/03/05 19:41:26 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys
[2011/03/05 19:41:25 | 002,329,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2011/03/05 19:41:24 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll
[2011/03/05 19:41:24 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2011/03/05 19:41:24 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2011/03/05 19:41:22 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CPFilters.dll
[2011/03/05 19:41:21 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\psisdecd.dll
[2011/03/05 19:41:21 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdri.dll
[2011/03/05 19:41:21 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSNP.ax
[2011/03/05 19:41:21 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mpg2splt.ax
[2011/03/05 19:41:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll
[2011/03/05 19:41:19 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll
[2011/03/05 19:40:49 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll
[2011/03/05 19:39:28 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys
[2011/03/05 19:39:28 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll
[2011/03/05 17:48:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Malwarebytes
[2011/03/05 17:48:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/03/05 17:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/05 17:47:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/03/03 23:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
[2011/03/03 23:49:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Adobe
[2011/03/03 23:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011/03/03 23:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/03/03 21:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edraw Max 5.2
[2011/03/03 20:24:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\3dsMax
[2011/03/03 18:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V-Ray for SketchUp
[2011/03/03 15:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\Adobe
[2011/03/03 14:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ASGVIS
[2011/03/03 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Inventor
[2011/03/02 19:04:38 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\sdfgsdfg
[2011/03/01 21:18:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\FLVService
[2011/03/01 21:18:04 | 000,000,000 | ---D | C] -- C:\windows\Freecorder
[2011/02/27 10:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/02/19 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\The KMPlayer
[2011/02/19 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/02/14 12:09:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\dsekjhsf

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/03/15 11:39:09 | 006,553,600 | -HS- | M] () -- C:\Users\Rafał\NTUSER.DAT
[2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
[2011/03/15 10:54:02 | 000,000,545 | ---- | M] () -- C:\windows\win.ini
[2011/03/15 08:36:02 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/15 08:36:02 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/15 08:28:19 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2011/03/15 08:28:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/03/15 08:28:09 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/14 14:01:59 | 006,092,849 | -H-- | M] () -- C:\Users\Rafał\AppData\Local\IconCache.db
[2011/03/13 20:03:22 | 000,166,584 | ---- | M] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf
[2011/03/11 11:47:44 | 000,108,629 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg
[2011/03/11 11:17:47 | 000,047,161 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf
[2011/03/10 13:55:06 | 001,654,586 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2011/03/10 13:55:06 | 000,734,536 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2011/03/10 13:55:06 | 000,653,898 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/03/10 13:55:06 | 000,148,904 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2011/03/10 13:55:06 | 000,121,090 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/03/10 11:39:20 | 000,049,849 | ---- | M] () -- C:\Users\Rafał\Desktop\310.dwg
[2011/03/09 20:45:15 | 003,733,661 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3
[2011/03/07 13:29:33 | 000,040,240 | ---- | M] () -- C:\Users\Rafał\Documents\3D 02.jpg
[2011/03/07 13:25:39 | 000,041,323 | ---- | M] () -- C:\Users\Rafał\Documents\3D 01.jpg
[2011/03/06 20:02:08 | 004,004,916 | ---- | M] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3
[2011/03/06 18:43:06 | 003,161,057 | ---- | M] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3
[2011/03/06 18:11:21 | 000,000,049 | ---- | M] () -- C:\windows\NeroDigital.ini
[2011/03/05 19:57:30 | 000,000,304 | -HS- | M] () -- C:\windows\tasks\Vwclnspa.job
[2011/03/05 19:50:19 | 000,001,030 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/05 19:49:19 | 004,006,440 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/03/05 19:31:00 | 000,001,058 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job
[2011/03/05 19:19:00 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/05 17:42:25 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
[2011/03/05 16:31:00 | 000,001,006 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job
[2011/03/03 23:48:55 | 000,148,264 | ---- | M] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT
[2011/03/03 23:36:07 | 000,125,927 | ---- | M] () -- C:\windows\System32\5e6c9151.exe
[2011/03/03 23:35:57 | 000,001,023 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.lnk
[2011/03/03 20:01:30 | 006,485,848 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3
[2011/03/03 14:42:41 | 000,017,588 | ---- | M] () -- C:\windows\System32\drivers\etc\services
[2011/03/01 19:11:26 | 002,960,430 | ---- | M] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3
[2011/02/25 09:19:23 | 000,467,882 | ---- | M] () -- C:\Users\Rafał\Desktop\0 - 20.mp3
[2011/02/25 09:19:19 | 000,531,601 | ---- | M] () -- C:\Users\Rafał\Desktop\100 -1876.mp3
[2011/02/20 13:49:37 | 012,202,592 | ---- | M] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3
[2011/02/15 09:33:03 | 000,047,104 | ---- | M] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/14 12:13:03 | 000,040,602 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/03/13 20:03:20 | 000,166,584 | ---- | C] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf
[2011/03/11 11:34:37 | 000,108,629 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg
[2011/03/11 11:17:47 | 000,047,161 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf
[2011/03/10 11:39:20 | 000,049,849 | ---- | C] () -- C:\Users\Rafał\Desktop\310.dwg
[2011/03/09 20:42:03 | 003,733,661 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3
[2011/03/07 13:29:33 | 000,040,240 | ---- | C] () -- C:\Users\Rafał\Documents\3D 02.jpg
[2011/03/07 13:25:39 | 000,041,323 | ---- | C] () -- C:\Users\Rafał\Documents\3D 01.jpg
[2011/03/06 19:58:48 | 004,004,916 | ---- | C] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3
[2011/03/06 18:40:24 | 003,161,057 | ---- | C] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3
[2011/03/03 23:45:29 | 000,000,986 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk
[2011/03/03 23:44:35 | 000,000,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
[2011/03/03 23:43:32 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk
[2011/03/03 23:42:51 | 000,002,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk
[2011/03/03 23:42:08 | 000,000,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
[2011/03/03 23:41:04 | 000,000,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
[2011/03/03 23:40:46 | 000,001,365 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
[2011/03/03 23:34:31 | 000,125,927 | ---- | C] () -- C:\windows\System32\5e6c9151.exe
[2011/03/03 23:34:21 | 000,001,023 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.lnk
[2011/03/03 23:33:48 | 000,000,304 | -HS- | C] () -- C:\windows\tasks\Vwclnspa.job
[2011/03/03 23:24:42 | 000,000,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2011/03/03 23:23:48 | 000,000,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2011/03/03 23:23:26 | 000,000,989 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2011/03/03 23:21:58 | 000,001,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2011/03/03 23:21:45 | 000,001,477 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2011/03/03 23:21:00 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011/03/03 20:01:12 | 006,485,848 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3
[2011/03/01 19:11:11 | 002,960,430 | ---- | C] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3
[2011/03/01 11:45:52 | 012,202,592 | ---- | C] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3
[2011/02/25 09:19:23 | 000,467,882 | ---- | C] () -- C:\Users\Rafał\Desktop\0 - 20.mp3
[2011/02/25 09:19:18 | 000,531,601 | ---- | C] () -- C:\Users\Rafał\Desktop\100 -1876.mp3
[2011/02/19 16:26:44 | 000,001,058 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job
[2011/02/19 16:26:43 | 000,001,006 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job
[2011/02/14 12:13:03 | 000,040,602 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg
[2011/01/30 13:14:56 | 000,023,203 | ---- | C] () -- C:\windows\hpqins15.dat
[2011/01/30 11:26:48 | 000,211,070 | ---- | C] () -- C:\windows\hpoins18.dat
[2011/01/30 11:26:48 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat
[2011/01/19 16:43:20 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2011/01/19 16:43:18 | 000,183,808 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2011/01/19 16:43:18 | 000,080,896 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2011/01/19 16:43:18 | 000,000,590 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2011/01/12 19:24:23 | 000,000,152 | ---- | C] () -- C:\windows\Aslan.INI
[2010/12/19 19:10:52 | 000,000,049 | ---- | C] () -- C:\windows\NeroDigital.ini
[2010/12/19 11:25:44 | 000,000,048 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010/12/05 14:10:28 | 000,000,001 | ---- | C] () -- C:\windows\System32\SI.bin
[2010/09/04 17:47:43 | 000,087,552 | ---- | C] () -- C:\windows\System32\cpwmon2k.dll
[2010/07/31 21:40:41 | 000,066,872 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe
[2010/07/31 21:40:40 | 000,138,184 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2010/07/31 21:40:36 | 000,183,112 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe
[2010/03/01 17:50:08 | 000,000,145 | ---- | C] () -- C:\windows\splendor.ini
[2010/03/01 17:46:03 | 000,284,160 | ---- | C] () -- C:\windows\unin0415.exe
[2009/12/23 13:51:46 | 002,392,064 | ---- | C] () -- C:\windows\System32\videotrans.dll
[2009/12/23 13:51:46 | 000,215,040 | ---- | C] () -- C:\windows\System32\videoformat.dll
[2009/12/23 13:51:46 | 000,017,920 | ---- | C] () -- C:\windows\System32\videocore.dll
[2009/12/23 13:51:45 | 000,061,440 | ---- | C] () -- C:\windows\System32\imgscaler.dll
[2009/12/23 13:51:45 | 000,022,016 | ---- | C] () -- C:\windows\System32\img_utils.dll
[2009/12/23 13:51:43 | 000,128,512 | ---- | C] () -- C:\windows\System32\xvid.dll
[2009/12/21 18:03:39 | 000,210,032 | ---- | C] () -- C:\windows\System32\DBCLIENT.DLL
[2009/11/03 19:08:37 | 000,047,104 | ---- | C] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/31 14:55:27 | 000,138,056 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\PnkBstrK.sys
[2009/10/31 14:55:10 | 002,250,024 | ---- | C] () -- C:\windows\System32\pbsvc.exe
[2009/10/31 12:05:27 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll
[2009/10/30 13:54:16 | 006,092,849 | -H-- | C] () -- C:\Users\Rafał\AppData\Local\IconCache.db
[2009/10/30 13:50:28 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2009/10/30 13:43:20 | 000,148,264 | ---- | C] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/30 13:37:20 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/09/28 19:14:04 | 000,734,536 | ---- | C] () -- C:\windows\System32\perfh015.dat
[2009/09/28 19:14:04 | 000,337,158 | ---- | C] () -- C:\windows\System32\perfi015.dat
[2009/09/28 19:14:04 | 000,148,904 | ---- | C] () -- C:\windows\System32\perfc015.dat
[2009/09/28 19:14:04 | 000,038,710 | ---- | C] () -- C:\windows\System32\perfd015.dat
[2009/09/28 19:00:26 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe
[2009/09/28 19:00:26 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe
[2009/09/28 18:28:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/09/28 09:22:00 | 000,315,392 | ---- | C] () -- C:\windows\System32\drivers\yk62x86.sys
[2009/09/28 03:11:13 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2009/09/28 02:42:20 | 000,311,296 | ---- | C] () -- C:\windows\System32\Rezip.exe
[2009/07/26 21:06:02 | 001,654,586 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 05:33:53 | 004,006,440 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,653,898 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,090 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 03:04:57 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini
[2009/07/14 03:04:23 | 000,000,545 | ---- | C] () -- C:\windows\win.ini
[2009/07/14 03:04:23 | 000,000,219 | ---- | C] () -- C:\windows\system.ini
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2009/07/13 22:41:56 | 000,053,552 | ---- | C] () -- C:\windows\System32\dosx.exe
[2009/07/13 22:41:05 | 000,000,718 | ---- | C] () -- C:\windows\System32\mscdexnt.exe
[2009/07/13 22:41:04 | 000,002,842 | ---- | C] () -- C:\windows\System32\redir.exe
[2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\share.exe
[2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\fastopen.exe
[2009/07/13 22:41:01 | 000,019,694 | ---- | C] () -- C:\windows\System32\GRAPHICS.COM
[2009/07/13 22:40:59 | 000,014,710 | ---- | C] () -- C:\windows\System32\KB16.COM
[2009/07/13 22:40:57 | 000,007,052 | ---- | C] () -- C:\windows\System32\nlsfunc.exe
[2009/07/13 22:40:57 | 000,001,131 | ---- | C] () -- C:\windows\System32\LOADFIX.COM
[2009/07/13 22:40:56 | 000,039,274 | ---- | C] () -- C:\windows\System32\mem.exe
[2009/07/13 22:40:54 | 000,011,753 | ---- | C] () -- C:\windows\System32\setver.exe
[2009/07/13 22:40:52 | 000,020,634 | ---- | C] () -- C:\windows\System32\debug.exe
[2009/07/13 22:40:51 | 000,008,424 | ---- | C] () -- C:\windows\System32\exe2bin.exe
[2009/07/13 22:40:50 | 000,012,642 | ---- | C] () -- C:\windows\System32\edlin.exe
[2009/07/13 22:40:49 | 000,012,498 | ---- | C] () -- C:\windows\System32\append.exe
[2009/07/13 22:40:48 | 000,050,648 | ---- | C] () -- C:\windows\System32\COMMAND.COM
[2009/07/13 22:40:44 | 000,027,097 | ---- | C] () -- C:\windows\System32\country.sys
[2009/07/13 22:40:43 | 000,042,809 | ---- | C] () -- C:\windows\System32\KEY01.SYS
[2009/07/13 22:40:43 | 000,042,537 | ---- | C] () -- C:\windows\System32\KEYBOARD.SYS
[2009/07/13 22:40:41 | 000,009,029 | ---- | C] () -- C:\windows\System32\ANSI.SYS
[2009/07/13 22:40:40 | 000,004,768 | ---- | C] () -- C:\windows\System32\HIMEM.SYS
[2009/07/13 22:40:39 | 000,029,274 | ---- | C] () -- C:\windows\System32\NTDOS412.SYS
[2009/07/13 22:40:35 | 000,029,370 | ---- | C] () -- C:\windows\System32\NTDOS411.SYS
[2009/07/13 22:40:31 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS404.SYS
[2009/07/13 22:40:27 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS804.SYS
[2009/07/13 22:40:23 | 000,027,866 | ---- | C] () -- C:\windows\System32\NTDOS.SYS
[2009/07/13 22:40:19 | 000,035,536 | ---- | C] () -- C:\windows\System32\NTIO412.SYS
[2009/07/13 22:40:17 | 000,035,776 | ---- | C] () -- C:\windows\System32\NTIO411.SYS
[2009/07/13 22:40:15 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO404.SYS
[2009/07/13 22:40:13 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO804.SYS
[2009/07/13 22:40:11 | 000,033,952 | ---- | C] () -- C:\windows\System32\NTIO.SYS
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\System32\msjetoledb40.dll
[2009/07/13 21:29:46 | 000,013,312 | ---- | C] () -- C:\windows\System32\win87em.dll
[2009/06/18 19:29:04 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2009/06/10 22:42:32 | 000,069,886 | ---- | C] () -- C:\windows\System32\edit.com
[2009/06/10 22:39:59 | 000,060,124 | ---- | C] () -- C:\windows\System32\tcpmon.ini
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009/04/22 00:19:06 | 000,172,173 | ---- | C] () -- C:\windows\System32\xlive.dll.cat

[color=#E56717]========== LOP Check ==========[/color]

[2009/10/31 10:11:39 | 000,000,000 | -HSD | M] -- C:\Users\Rafał\AppData\Roaming\.#
[2010/06/28 09:55:22 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\AnvSoft
[2010/07/10 17:19:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Ashampoo
[2011/03/03 20:24:07 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Autodesk
[2010/12/18 21:35:13 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\BatteryCare
[2009/12/06 14:51:50 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DAEMON Tools Lite
[2011/03/15 08:50:16 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Dropbox
[2010/12/05 19:28:57 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Efficient Sticky Notes
[2011/01/14 11:13:19 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\EuroTalk
[2010/01/01 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu
[2010/01/01 13:33:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu 10
[2010/07/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gmail Notifier Plus
[2010/01/09 15:58:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\ipla
[2009/10/31 12:42:42 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Leadertech
[2009/11/02 11:51:06 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu
[2009/11/02 12:42:14 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\OpenFM
[2010/06/24 11:48:32 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\PC Suite
[2010/06/30 21:17:58 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\r2 Studios
[2009/10/31 14:47:31 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Red Alert 3
[2010/11/29 13:34:37 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Stardock
[2011/01/20 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thinstall
[2010/02/27 14:44:05 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thunderbird
[2011/03/13 22:02:19 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\uTorrent
[2010/11/22 10:53:45 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Xerox
[2011/03/15 08:28:19 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/03/05 19:57:30 | 000,000,304 | -HS- | M] () -- C:\Windows\Tasks\Vwclnspa.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/03/15 08:28:09 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/03/15 08:28:14 | 3215,577,088 | -HS- | M] () -- C:\pagefile.sys
[2009/09/28 02:37:48 | 000,002,003 | ---- | M] () -- C:\RHDSetup.log
[2009/09/28 03:09:41 | 000,000,166 | ---- | M] () -- C:\Setup.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:ABE89FFE

< End of report >
[/log]

Tomek01
komentarz
komentarz

Wrzuć jeszcze log z RSIT, ale wstaw je w tagi !!!

raasky
komentarz
komentarz (edytowane)

dodaje log z RSIT
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Rafał at 2011-03-16 17:11:42
Microsoft Windows 7 Home Premium
System drive C: has 9 GB (18%) free of 46 GB
Total RAM: 3067 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:34:09, on 2011-03-16
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe
D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Rafał\Desktop\Programy\Gmail Notifier Plus.exe
C:\Users\Rafał\Desktop\RSIT.exe
C:\Program Files\trend micro\Rafał.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [YouCam Mirage] "d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: Update.lnk = C:\Windows\System32\rundll32.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O15 - Trusted Zone: http://print.viauc.dk
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit (mi-raysat_3dsmax2011_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys
O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 10995 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job
C:\windows\tasks\Vwclnspa.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-19 7711264]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-15 1541416]
"StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2009-03-08 73728]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2008-03-06 241664]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"YouCam Mirage"=d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe [2010-08-20 136488]
"YouCam Tray"=d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe [2011-01-19 162912]
"Adobe Acrobat Speed Launcher"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760]
"Acrobat Assistant 8.0"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"Google Update"=C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 136176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe
Update.lnk - C:\Windows\System32\rundll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-03-16 17:11:42 ----D---- C:\rsit
2011-03-16 17:11:42 ----D---- C:\Program Files\trend micro
2011-03-15 10:51:46 ----D---- C:\windows\XSxS
2011-03-15 10:51:46 ----D---- C:\Program Files\Xenocode
2011-03-05 19:47:41 ----D---- C:\windows\system32\Wat
2011-03-05 19:42:27 ----A---- C:\windows\system32\drivers\sffp_sd.sys
2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\usbvideo.sys
2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\ks.sys
2011-03-05 19:42:21 ----A---- C:\windows\system32\wcncsvc.dll
2011-03-05 19:42:14 ----A---- C:\windows\system32\mshtml.dll
2011-03-05 19:42:10 ----A---- C:\windows\system32\iertutil.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\mstime.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeedsbs.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeeds.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\licmgr10.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\iedkcs32.dll
2011-03-05 19:42:08 ----A---- C:\windows\system32\mshtmled.dll
2011-03-05 19:42:08 ----A---- C:\windows\system32\msfeedssync.exe
2011-03-05 19:42:08 ----A---- C:\windows\system32\iepeers.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\mf.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\FntCache.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\DWrite.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\d3d10warp.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\d2d1.dll
2011-03-05 19:41:45 ----A---- C:\windows\system32\WMVDECOD.DLL
2011-03-05 19:41:45 ----A---- C:\windows\system32\mfreadwrite.dll
2011-03-05 19:41:45 ----A---- C:\windows\system32\ExplorerFrame.dll
2011-03-05 19:41:45 ----A---- C:\windows\system32\d3d10_1core.dll
2011-03-05 19:41:44 ----A---- C:\windows\system32\XpsRasterService.dll
2011-03-05 19:41:43 ----A---- C:\windows\system32\upnp.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\wininet.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\urlmon.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\msxml6.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\ieframe.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\wscsvc.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\wscapi.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\winhttp.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\WebClnt.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\slwga.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\msxml3.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\jsproxy.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\ieui.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\davclnt.dll
2011-03-05 19:41:37 ----A---- C:\windows\system32\tzres.dll
2011-03-05 19:41:33 ----A---- C:\windows\system32\ntoskrnl.exe
2011-03-05 19:41:33 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-03-05 19:41:33 ----A---- C:\windows\system32\ntdll.dll
2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc_isv.dll
2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc.dll
2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp.dll
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp.exe
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_isv.exe
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate.exe
2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsPrint.dll
2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsGdiConverter.dll
2011-03-05 19:41:29 ----A---- C:\windows\system32\odbc32.dll
2011-03-05 19:41:29 ----A---- C:\windows\system32\kerberos.dll
2011-03-05 19:41:28 ----A---- C:\windows\system32\consent.exe
2011-03-05 19:41:27 ----A---- C:\windows\system32\wmicmiplugin.dll
2011-03-05 19:41:27 ----A---- C:\windows\system32\taskschd.dll
2011-03-05 19:41:27 ----A---- C:\windows\system32\taskeng.exe
2011-03-05 19:41:27 ----A---- C:\windows\system32\taskcomp.dll
2011-03-05 19:41:27 ----A---- C:\windows\system32\schtasks.exe
2011-03-05 19:41:27 ----A---- C:\windows\system32\schedsvc.dll
2011-03-05 19:41:26 ----A---- C:\windows\system32\oleaut32.dll
2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\fvevol.sys
2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\Diskdump.sys
2011-03-05 19:41:25 ----A---- C:\windows\system32\win32k.sys
2011-03-05 19:41:24 ----A---- C:\windows\system32\webio.dll
2011-03-05 19:41:24 ----A---- C:\windows\system32\atmlib.dll
2011-03-05 19:41:24 ----A---- C:\windows\system32\atmfd.dll
2011-03-05 19:41:22 ----A---- C:\windows\system32\CPFilters.dll
2011-03-05 19:41:21 ----A---- C:\windows\system32\psisdecd.dll
2011-03-05 19:41:21 ----A---- C:\windows\system32\msdri.dll
2011-03-05 19:41:19 ----A---- C:\windows\system32\vbscript.dll
2011-03-05 19:41:19 ----A---- C:\windows\system32\jscript.dll
2011-03-05 19:40:49 ----A---- C:\windows\system32\d3d10_1.dll
2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2011-03-05 19:39:28 ----A---- C:\windows\system32\cdd.dll
2011-03-05 17:48:07 ----D---- C:\Users\Rafał\AppData\Roaming\Malwarebytes
2011-03-05 17:48:02 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2011-03-05 17:48:00 ----D---- C:\ProgramData\Malwarebytes
2011-03-05 17:47:57 ----A---- C:\windows\system32\drivers\mbam.sys
2011-03-03 23:34:31 ----A---- C:\windows\system32\5e6c9151.exe
2011-03-03 23:25:44 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-03-03 23:22:22 ----D---- C:\Program Files\Adobe Media Player
2011-03-03 23:20:58 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-03-03 15:45:20 ----D---- C:\windows\system32\Adobe
2011-03-03 14:48:13 ----D---- C:\ProgramData\ASGVIS
2011-03-01 21:18:04 ----D---- C:\windows\Freecorder
2011-02-27 10:38:58 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2011-03-16 17:25:40 ----D---- C:\Users\Rafał\AppData\Roaming\Skype
2011-03-16 17:11:42 ----RD---- C:\Program Files
2011-03-16 17:08:26 ----D---- C:\Users\Rafał\AppData\Roaming\Dropbox
2011-03-16 17:07:15 ----D---- C:\windows\Temp
2011-03-16 17:06:17 ----D---- C:\Users\Rafał\AppData\Roaming\skypePM
2011-03-16 17:04:54 ----D---- C:\Program Files\Common Files\Akamai
2011-03-16 17:04:10 ----HD---- C:\Config.Msi
2011-03-15 22:07:33 ----D---- C:\Users\Rafał\AppData\Roaming\uTorrent
2011-03-15 22:05:21 ----D---- C:\Windows
2011-03-15 21:30:31 ----SHD---- C:\windows\Installer
2011-03-15 21:30:24 ----D---- C:\Program Files\Internet Explorer
2011-03-15 21:30:02 ----D---- C:\Program Files\Common Files\Apple
2011-03-15 21:30:00 ----D---- C:\windows\System32
2011-03-15 20:17:54 ----D---- C:\Program Files\Adobe
2011-03-15 20:14:23 ----D---- C:\Program Files\Common Files\Adobe
2011-03-15 20:14:11 ----D---- C:\windows\system32\DriverStore
2011-03-15 20:14:11 ----D---- C:\windows\inf
2011-03-15 20:11:41 ----RSD---- C:\windows\Fonts
2011-03-15 10:54:02 ----D---- C:\ProgramData\Microsoft Help
2011-03-15 10:54:02 ----A---- C:\windows\win.ini
2011-03-15 08:32:20 ----D---- C:\windows\system32\NDF
2011-03-12 23:12:23 ----D---- C:\windows\system32\drivers
2011-03-12 23:12:23 ----D---- C:\windows\ShellNew
2011-03-12 16:44:01 ----SHD---- C:\System Volume Information
2011-03-11 14:53:39 ----D---- C:\windows\system32\catroot
2011-03-11 14:53:36 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-11 14:53:08 ----AD---- C:\ProgramData\Temp
2011-03-11 14:35:54 ----D---- C:\ProgramData\CyberLink
2011-03-11 14:28:14 ----D---- C:\Program Files\Common Files
2011-03-11 14:12:03 ----D---- C:\Program Files\CyberLink
2011-03-11 13:26:22 ----D---- C:\Users\Rafał\AppData\Roaming\CyberLink
2011-03-10 13:55:06 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-03-10 09:53:05 ----SD---- C:\Users\Rafał\AppData\Roaming\Microsoft
2011-03-07 22:10:32 ----D---- C:\windows\system32\wdi
2011-03-06 18:11:21 ----A---- C:\windows\NeroDigital.ini
2011-03-05 20:25:24 ----D---- C:\windows\Microsoft.NET
2011-03-05 20:24:34 ----RSD---- C:\windows\assembly
2011-03-05 19:53:24 ----D---- C:\windows\system32\config
2011-03-05 19:49:55 ----D---- C:\windows\winsxs
2011-03-05 19:47:44 ----D---- C:\windows\system32\pl-PL
2011-03-05 19:47:44 ----D---- C:\windows\ehome
2011-03-05 19:47:44 ----D---- C:\Program Files\Windows Mail
2011-03-05 19:47:43 ----D---- C:\windows\AppPatch
2011-03-05 19:47:42 ----D---- C:\windows\system32\migration
2011-03-05 19:42:27 ----D---- C:\windows\system32\catroot2
2011-03-05 18:12:07 ----D---- C:\windows\Prefetch
2011-03-05 17:48:00 ----HD---- C:\ProgramData
2011-03-05 17:42:25 ----D---- C:\windows\system32\drivers\etc
2011-03-05 17:37:15 ----D---- C:\windows\system32\Tasks
2011-03-03 23:49:18 ----D---- C:\Users\Rafał\AppData\Roaming\Adobe
2011-03-03 23:47:57 ----D---- C:\ProgramData\FLEXnet
2011-03-03 23:45:32 ----D---- C:\ProgramData\Adobe
2011-03-03 23:34:20 ----D---- C:\Users\Rafał\AppData\Roaming\WinRAR
2011-03-03 23:33:48 ----D---- C:\windows\Tasks
2011-03-03 20:24:07 ----D---- C:\Users\Rafał\AppData\Roaming\Autodesk
2011-03-03 20:24:07 ----D---- C:\ProgramData\Autodesk
2011-03-03 14:44:09 ----D---- C:\Program Files\Autodesk
2011-03-03 14:09:16 ----D---- C:\windows\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\windows\system32\DRIVERS\Amfilter.sys [2007-01-25 8704]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2010-12-22 135096]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-09-16 214664]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2010-12-04 61960]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2010-08-20 27632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-08-19 2752352]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 rtl819xp;Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-) Realtek RTL8190/RTL8192E 802.11n; C:\windows\system32\DRIVERS\rtl819xp.sys [2010-02-01 557088]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-15 212656]
R3 VMC326;Vimicro Camera Service VMC326; C:\windows\System32\Drivers\VMC326.sys [2009-08-10 237696]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-21 1161760]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\windows\system32\DRIVERS\Amusbprt.sys [2007-12-26 14336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2009-09-16 79816]
S3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2009-09-16 35272]
S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2009-09-16 40552]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Sterownik skanera USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-28 14336]
R2 Akamai;Akamai NetSession Interface; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-12 267944]
R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit; D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys [2010-11-01 532480]
R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 yksvc;Marvell Yukon Service; C:\windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 20992]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-04 136176]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-05 1322648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-26 1045256]
S3 fsssvc;Funkcja Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\windows\System32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-05 1343400]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------
[/log]
[log]info.txt logfile of random's system information tool 1.08 2011-03-16 17:34:12

======Uninstall list======

-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
µTorrent-->"d:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {94A4609B-0414-4427-81F3-0FD282A2D0D3}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}
2X-Office 7.80-->C:\Program Files\A4Tech\Mouse\Uninst32.exe
32 Bit HP CIO Components Installer-->MsiExec.exe /I{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
AC3Filter 1.63b-->"C:\Program Files\AC3Filter\unins000.exe"
Adobe Acrobat X Pro - English, Français, Deutsch-->MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000005}
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4-->C:\Program Files\Common Files\Adobe\Installers\3dcb365ab9e01871fb8c6f27b0ea079\Setup.exe --uninstall=1
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 10 Plugin-->C:\windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Setup-->MsiExec.exe /I{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}
Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
Akamai NetSession Interface-->C:\Program Files\Common Files\Akamai\uninstall.exe
AnyPC Client-->C:\Program Files\InstallShield Installation Information\{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}\setup.exe
Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArchiCAD Essentials Interactive Training Guide-->d:\Program Files\Graphisoft\ArchiCAD Essentials ITG\Uninstall.TGE\uninstaller.exe
Archiwizator WinRAR-->D:\Program Files\WinRAR\uninstall.exe
Ashampoo Burning Studio 10.0.1-->"d:\Program Files\Ashampoo\Ashampoo Burning Studio 10\unins000.exe"
Asystent rejestracji usługi Windows Live-->MsiExec.exe /I{51958BA7-21E4-4A8B-9098-CD8375BD17B2}
Atheros Client Installation Program-->"C:\Program Files\InstallShield Installation Information\{D1434266-0486-4469-B338-A60082CC04E1}\setup.exe" -runfromtemp -l0x0009 -removeonly
ATI Catalyst Install Manager-->msiexec /q/x{B15A87DC-46AC-D726-E2F5-06A3D5F35C06} REBOOT=ReallySuppress
Audacity 1.2.6-->"d:\Program Files\Audacity\unins000.exe"
AutoCAD 2011 - English-->C:\Program Files\Autodesk\AutoCAD 2011\Setup\Setup.exe /P {5783F2D7-9001-0409-0002-0060B0CE6BBA} /M ACAD /language en-US
AutoCAD 2011 - English-->C:\Program Files\Autodesk\AutoCAD 2011\Setup\Setup.exe /P {5783F2D7-9001-0409-0002-0060B0CE6BBA} /M ACAD /language en-US
Autodesk 3ds Max 2011 32-bit Components-->MsiExec.exe /I{99F80251-DAE8-0409-BD08-DCBBEF56B8CB}
Autodesk 3ds Max 2011 32-bit-->MsiExec.exe /I{67574624-BF0F-0409-AF6D-19FBD86FF7F7}
Autodesk Backburner 2008.1-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
Autodesk Design Review 2011-->D:\Program Files\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {8D20B4D7-3422-4099-9332-39F27E617A6F} /M ADR
Autodesk FBX Plug-in 2011.1 - 3ds Max 2011-->C:\Program Files\Autodesk\FBX\FBXPlugins\2011.1\3ds Max 2011\Uninstall.exe
Autodesk Material Library 2011 Base Image library-->MsiExec.exe /I{CD1E078C-A6B9-47DA-B035-6365C85C7832}
Autodesk Material Library 2011 Medium Image library-->MsiExec.exe /I{975951E7-14D0-49AF-A630-89680D12D7F6}
Autodesk Material Library 2011-->MsiExec.exe /I{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}
Autodesk Revit Architecture 2011 x86 Update 2-->Msiexec.exe /uninstall {4E133AB3-138F-40C9-9CB3-ED32DE045FA0} /package {4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23} /qb FILESINUSETEXT=""
Autodesk Revit Architecture 2011-->D:\Program Files\Autodesk\Revit Architecture 2011\Program\Setup\Setup.exe /P {4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23} /M REVIT /language en-US
Autodesk Revit Architecture 2011-->MsiExec.exe /X{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManager\unins000.exe"
AVS Video Converter 6-->"d:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.4-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
BatteryCare-->MsiExec.exe /I{A2F34AF5-E329-444C-BD1B-137637AB23AD}
BatteryLifeExtender-->MsiExec.exe /I{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}
Be06v4-->C:\windows\IsUninst.exe -f"C:\Program Files\SBi\Be06\4,8,2,20\Uninst.isu"
Bezpieczeństwo rodzinne usługi Windows Live-->MsiExec.exe /X{F88335A8-CA7B-41DE-B37D-81306C73B507}
Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {4ac40384-37ba-421c-b14c-2ecbe4403817}
Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007-->MsiExec.exe /X{4AC40384-37BA-421C-B14C-2ECBE4403817}
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.5 Patch-->C:\Program Files\InstallShield Installation Information\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}\setup.exe -runfromtemp -l0x0409
ChargeableUSB-->"C:\Program Files\InstallShield Installation Information\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}\setup.exe" -runfromtemp -l0x0009Remove -removeonly
Composite 2011-->MsiExec.exe /I{6406E3EA-9777-45B7-A0C0-89741E629352}
Contextual Tool Yourprofitclub-->C:\windows\system32\5e6c9151.exe
Crypt4Free-->MsiExec.exe /I{A1802E07-1CC7-4CD1-AFBF-E2CC94B99046}
CutePDF Writer 2.8-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
Easy Display Manager-->"C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -runfromtemp -l0x0009 -removeonly
Easy Network Manager-->MsiExec.exe /I{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}
Easy SpeedUp Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF367AA4-070B-493C-9575-85BE59D789C9}\setup.exe" -l0x9 Remove
EasyBatteryManager-->"C:\Program Files\InstallShield Installation Information\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}\setup.exe" -runfromtemp -l0x0009 -removeonly
Edraw Max 5.2-->"d:\Program Files\Edraw Max\unins000.exe"
EngiLab Beam.2D ML v1.20-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\EngiLab Beam.2D ML\ST6UNST.LOG"
eReg-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
FARO LS 1.1.406.58-->MsiExec.exe /I{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}
FastStone Capture 5.3-->d:\Program Files\FastStone Capture\uninst.exe
Fences-->"C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe" REMOVE=TRUE MODIFY=FALSE
Fences-->C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe
Gadu-Gadu 10-->d:\Program Files\Gadu-Gadu 10\Uninstall.exe
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google SketchUp Pro 7-->MsiExec.exe /X{CA9483A2-742A-4A72-881D-B81C6B1ACB3E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000B8301}
HDD Health v3.3 Beta-->"d:\Program Files\HDD Health\unins000.exe"
Heroes of Might and Magic® III-->C:\windows\IsUn0415.exe -f"d:\Program Files\3DO\Heroes3\Uninst.isu" -c"d:\Program Files\3DO\Heroes3\uninst.dll
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->C:\windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
HP Customer Participation Program 13.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Imaging Device Functions 13.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart All-In-One Driver Software 13.0 Rel. A-->C:\Program Files\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot
HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot
HP Smart Web Printing 4.60-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
K-Lite Codec Pack 6.8.0 (Full)-->"d:\Program Files\K-Lite Codec Pack\unins000.exe"
Logitech SetPoint 6.20-->C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe
Magic ISO Maker v5.5 (build 0265)-->D:\PROGRA~1\MagicISO\UNWISE.EXE D:\PROGRA~1\MagicISO\INSTALL.LOG
Malwarebytes' Anti-Malware-->"d:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40415-6000-11D3-8CFE-0150048383C9}
Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B0-0409-0000-0000000FF1CE}
Microsoft Save as XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B1-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729-->MsiExec.exe /X{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729-->MsiExec.exe /X{14866AAD-1F23-39AC-A62B-7091ED1ADE64}
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729-->MsiExec.exe /X{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729-->MsiExec.exe /X{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}
Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}
Microsoft Visual Studio Tools for Applications 2.0 Runtime-->MsiExec.exe /X{299C0434-4F4E-341F-A916-4E07AEB35E79}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mozilla Firefox (3.6.15)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (3.0.1)-->d:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Namuga 1.3M Webcam-->C:\Program Files\InstallShield Installation Information\{71A51B59-E7D3-11DB-A386-005056C00008}\setup.exe -runfromtemp -l0x0009 -removeonly
NapiProjekt 1.0.6.5-->"d:\Program Files\NAPI-PROJEKT\unins000.exe"
Narzędzie do przekazywania usługi Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514}
Nokia Software Updater-->MsiExec.exe /X{09C468CA-2940-466A-AAE8-DCC0C6E9323C}
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OCR Software by I.R.I.S. 13.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{DCD22647-6D31-479D-8F97-16D0AA934D9E}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDFill PDF Editor with FREE Writer and FREE Tools-->MsiExec.exe /I{D1399216-81B2-457C-A0F7-73B9A2EF6902}
PDF-Viewer-->"d:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Picasa 3-->"d:\Program Files\Google\Picasa3\Uninstall.exe"
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
Poczta usługi Windows Live-->MsiExec.exe /I{C35FE07E-24B5-410F-85B7-122087A0C7DD}
Podstawowe programy Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Podstawowe programy Windows Live-->MsiExec.exe /I{9862473C-E063-4C68-A161-2CDE0E8048A5}
Polskie Normy i prawo budowlane-->"d:\Program Files\Aslan Wydawnictwa Elektroniczne\PNPB\unins000.exe"
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Real Alternative 2.0.1-->"d:\Program Files\Real Alternative\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
REALTEK Wireless LAN Software-->C:\Program Files\InstallShield Installation Information\{F2BC3383-F000-410C-A038-3846ADBE8D90}\Install.exe -uninst -l0x9
Samsung Recovery Solution 4-->"C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x0009 -removeonly
Samsung Support Center-->MsiExec.exe /I{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}
Samsung Update Plus-->"C:\Program Files\InstallShield Installation Information\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}\Setup.exe" -runfromtemp -l0x0009 -removeonly
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Składniki łączności pakietu Microsoft Office Small Business-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StarCraft II-->C:\Program Files\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Twierdza Krzyżowiec-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\setup.exe" -l0x15
User Guide-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe" -l0x9 Remove
Virtual DJ - Atomix Productions-->D:\PROGRA~1\VIRTUA~1\UNWISE.EXE D:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Virtual DJ 5.2 (Crack v2)-->d:\Program Files\VirtualDJ\Uninstal Crack VirtualDJ.exe
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\windows\system32\msiexec.exe /x {04B34E21-5BEE-3D2B-8D3D-E3E80D253F64} /qb+ REBOOTPROMPT=""
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\windows\system32\msiexec.exe /x {14866AAD-1F23-39AC-A62B-7091ED1ADE64} /qb+ REBOOTPROMPT=""
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\windows\system32\msiexec.exe /x {4B90093A-5D9C-3956-8ABB-95848BE6EFAD} /qb+ REBOOTPROMPT=""
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\windows\system32\msiexec.exe /x {B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D} /qb+ REBOOTPROMPT=""
V-Ray for SketchUp-->D:\Program Files\Google\Google SketchUp 7\uninstall.exe
Winamp-->"d:\Program Files\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}
Windows Live Movie Maker-->MsiExec.exe /X{6053FE9B-5473-41D6-AEBF-AD6F98138191}
Windows Live Sync-->MsiExec.exe /X{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}
Windows Live Writer-->MsiExec.exe /X{9AB614A6-719C-4A6E-A63E-831E0A35F62A}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Wise Disk Cleaner 4.84-->"d:\Program Files\Wise Disk Cleaner\unins000.exe"
Wise Registry Cleaner 4 Free 4.92-->"d:\Program Files\Wise Registry Cleaner\unins000.exe"

======Hosts File======

::1 localhost
???????????????

======System event log======

Computer Name: Notebook
Event Code: 7036
Message: Usługa Usługa profilów użytkowników weszła w stan zatrzymania.
Record Number: 145672
Source Name: Service Control Manager
Time Written: 20101125081908.567396-000
Event Type: Informacje
User:

Computer Name: Notebook
Event Code: 7036
Message: Usługa SBSD Security Center Service weszła w stan zatrzymania.
Record Number: 145671
Source Name: Service Control Manager
Time Written: 20101125081908.567396-000
Event Type: Informacje
User:

Computer Name: Notebook
Event Code: 7036
Message: Usługa Rezip weszła w stan zatrzymania.
Record Number: 145670
Source Name: Service Control Manager
Time Written: 20101125081908.567396-000
Event Type: Informacje
User:

Computer Name: Notebook
Event Code: 7036
Message: Usługa Agent zasad IPsec weszła w stan zatrzymania.
Record Number: 145669
Source Name: Service Control Manager
Time Written: 20101125081908.567396-000
Event Type: Informacje
User:

Computer Name: Notebook
Event Code: 7036
Message: Usługa Zasilanie weszła w stan zatrzymania.
Record Number: 145668
Source Name: Service Control Manager
Time Written: 20101125081908.567396-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: Notebook
Event Code: 4625
Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 762
Source Name: Microsoft-Windows-EventSystem
Time Written: 20091030112444.000000-000
Event Type: Informacje
User:

Computer Name: Notebook
Event Code: 1532
Message: Usługa profilów użytkowników została zatrzymana.


Record Number: 761
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091024190918.257226-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: WIN-R3U1IKQ8BS9
Event Code: 1003
Message: Usługa Windows Search została uruchomiona.

Record Number: 760
Source Name: Microsoft-Windows-Search
Time Written: 20091024190911.000000-000
Event Type: Informacje
User:

Computer Name: WIN-R3U1IKQ8BS9
Event Code: 1013
Message: Usługa Windows Search została normalnie zatrzymana.

Record Number: 759
Source Name: Microsoft-Windows-Search
Time Written: 20091024190910.000000-000
Event Type: Informacje
User:

Computer Name: WIN-R3U1IKQ8BS9
Event Code: 103
Message: Windows (3908) Windows: Aparat bazy danych zatrzymał wystąpienie (0).
Record Number: 758
Source Name: ESENT
Time Written: 20091024190910.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: Notebook
Event Code: 5058
Message: Operacja na pliku klucza.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: NOTEBOOK$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Parametry funkcji kryptograficznej:
Nazwa dostawcy: Microsoft Software Key Storage Provider
Nazwa algorytmu: Niedostępne.
Nazwa klucza: {0CC2745F-B2DD-4A5B-94B1-83713BA42210}
Typ klucza: Klucz komputera.

Informacje dotyczące operacji na pliku klucza:
Ścieżka do pliku: C:\ProgramData\Microsoft\Crypto\Keys\ffa33b28821a8c43d0c9613a8048513e_5099e073-6a8d-4de8-89d1-12547431df07
Operacja: Odczytaj trwały klucz z pliku.
Kod powrotny: 0x0
Record Number: 33610
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100926094519.876424-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Notebook
Event Code: 5061
Message: Operacja kryptograficzna.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-19
Nazwa konta: USŁUGA LOKALNA
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e5

Parametry funkcji kryptograficznej:
Nazwa dostawcy: Microsoft Software Key Storage Provider
Nazwa algorytmu: RSA
Nazwa klucza: d0df6ec9-960a-463b-b22c-230eef8e0a23
Typ klucza: Klucz komputera.

Operacja kryptograficzna:
Operacja: Otwórz klucz.
Kod powrotny: 0x0
Record Number: 33609
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100926094455.807383-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Notebook
Event Code: 5058
Message: Operacja na pliku klucza.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-19
Nazwa konta: USŁUGA LOKALNA
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e5

Parametry funkcji kryptograficznej:
Nazwa dostawcy: Microsoft Software Key Storage Provider
Nazwa algorytmu: Niedostępne.
Nazwa klucza: d0df6ec9-960a-463b-b22c-230eef8e0a23
Typ klucza: Klucz komputera.

Informacje dotyczące operacji na pliku klucza:
Ścieżka do pliku: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4db6c7e4a6bed471c59a97230de02070_5099e073-6a8d-4de8-89d1-12547431df07
Operacja: Odczytaj trwały klucz z pliku.
Kod powrotny: 0x0
Record Number: 33608
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100926094455.806383-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Notebook
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 33607
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100926094428.212110-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Notebook
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: NOTEBOOK$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x260
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 33606
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100926094428.212110-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Common Files\Autodesk Shared\;D:\Program Files\Autodesk\Backburner\;D:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"3DSMAX_2011_PATH"=D:\Program Files\Autodesk\3ds Max 2011\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Dziwna sprawa do zbadania, Plik startujący z Update.Ink "ściąga" zainfekowany plik do folderu System32 a jak widać w rejestrze jest to usługa rundll32.exe :pff:
[code]C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Update.lnk - C:\Windows\System32\rundll32.exe[/code]
jak dla mnie ten plik jest do podmiany z płytki instalacyjnej.

W OTL, w oknie Custom scan/fixes wklej:

[code]:OTL
[2011/03/03 23:34:31 | 000,125,927 | ---- | C] () -- C:\windows\System32\5e6c9151.exe
[2011/03/03 23:34:21 | 000,001,023 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.lnk
[2011/03/03 23:33:48 | 000,000,304 | -HS- | C] () -- C:\windows\tasks\Vwclnspa.job
[2009/10/31 10:11:39 | 000,000,000 | -HSD | M] -- C:\Users\Rafał\AppData\Roaming\.#
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:ABE89FFE

:Commands
[emptytemp][/code]

Klikasz run fix, komputer uruchamia się ponownie.
Wrzuć log z usuwania oraz nowe logi: OTL i RSIT


Wykonaj pełny skan
[url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url]

raasky
komentarz
komentarz

log z usuwania
[log]All processes killed
========== OTL ==========
C:\Windows\System32\5e6c9151.exe moved successfully.
C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.lnk moved successfully.
C:\Windows\Tasks\Vwclnspa.job moved successfully.
C:\Users\Rafał\AppData\Roaming\.# folder moved successfully.
ADS C:\ProgramData\Temp:ABE89FFE deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: ADMINI~1~VIT

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Rafał
->Temp folder emptied: 253513 bytes
->Temporary Internet Files folder emptied: 1546450 bytes
->Java cache emptied: 6159 bytes
->FireFox cache emptied: 94856049 bytes
->Google Chrome cache emptied: 212123596 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 985 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10946 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 294.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 03162011_180911

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
[/log]
nowe OTL
[log]OTL logfile created on: 3/16/2011 6:21:58 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 45.28 Gb Total Space | 8.58 Gb Free Space | 18.95% Space Free | Partition Type: NTFS
Drive D: | 237.71 Gb Total Space | 25.61 Gb Free Space | 10.77% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
PRC - [2011/03/13 21:44:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2011/03/13 21:44:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/01/26 17:05:34 | 015,026,056 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/11/09 21:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys
PRC - [2010/10/29 00:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/10/25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010/10/15 11:14:26 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe
PRC - [2010/10/11 15:49:48 | 000,080,256 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2010/08/21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010/08/20 10:49:04 | 000,136,488 | ---- | M] (CyberLink) -- D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe
PRC - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/07/04 11:09:52 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
PRC - [2010/02/26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009/09/20 12:36:12 | 000,270,336 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009/09/20 12:07:24 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2009/09/20 12:07:24 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2009/08/19 04:15:48 | 007,711,264 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009/08/18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/15 00:14:34 | 000,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2009/07/15 00:14:32 | 001,541,416 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2009/07/14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009/07/14 02:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009/07/14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
PRC - [2009/07/14 02:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009/07/14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/05/21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe
PRC - [2009/01/26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/03/06 09:12:58 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/08/24 07:00:48 | 000,033,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007/05/08 16:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/02/10 05:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
MOD - [2010/10/27 05:40:24 | 001,289,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010/07/27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010/06/29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010/04/07 08:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009/12/08 12:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009/12/08 12:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009/07/14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009/07/14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009/07/14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009/07/14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009/07/14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009/07/14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009/07/14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009/07/14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009/07/14 02:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009/07/14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009/07/14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009/07/14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 02:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009/07/14 02:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009/07/14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011/03/05 19:42:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/05 10:42:03 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai)
SRV - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys -- (PrismXL)
SRV - [2010/10/28 11:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/08/26 15:32:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/04/27 12:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/28 09:22:00 | 000,364,544 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc)
SRV - [2009/09/23 16:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/06/05 22:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service)
SRV - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010/12/22 15:27:35 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/12/04 15:20:30 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/08/24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/08/24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/08/20 10:49:06 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010/06/17 15:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/02/26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/02/01 12:30:32 | 000,557,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl819xp.sys -- (rtl819xp) Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-)
DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/08/18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/08/10 19:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326)
DRV - [2009/07/21 23:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/12/26 02:08:38 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007/01/25 02:46:50 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=pl&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/30 13:15:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/03/15 20:13:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011/03/15 21:30:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011/03/15 21:30:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: d:\Program Files\Mozilla Thunderbird\components [2011/03/15 21:30:25 | 000,000,000 | ---D | M]

[2011/01/02 08:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions
[2010/02/27 14:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\personas@christopher.beard
[2011/03/16 17:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions
[2011/03/12 13:30:19 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/02/19 16:16:22 | 000,000,000 | ---D | M] (Easy DragToGo) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{21cfaec0-dbb3-11dc-95ff-0800200c9a66}
[2011/01/02 20:22:13 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2011/01/02 20:22:13 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/03/12 13:30:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/02 20:14:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/12 13:30:19 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2011/01/26 19:41:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/02/19 16:16:22 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\collector@broceliand.fr
[2011/01/02 20:22:13 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\smarterwiki@wikiatic.com
[2011/01/02 20:22:12 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\youtube2mp3@mondayx.de

O1 HOSTS File: ([2011/03/15 20:09:23 | 000,000,128 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: ਍㈱⸷⸰⸰‱捡楴慶整愮潤敢挮浯
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [YouCam Mirage] d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-604524677-2708395862-3557633927-1000\..Trusted Domains: viauc.dk ([print] http in Zaufane witryny)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.10.10.5 212.10.10.4
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - D:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell - "" = AutoRun
O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011/03/16 18:09:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/03/16 17:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/03/16 17:11:42 | 000,000,000 | ---D | C] -- C:\rsit
[2011/03/15 21:41:46 | 478,024,432 | ---- | C] (Graphisoft R&D) -- C:\Users\Rafał\Desktop\AC14-INT32.exe
[2011/03/15 21:41:27 | 504,630,736 | ---- | C] (Graphisoft R&D) -- C:\Users\Rafał\Desktop\AC13-INT32.exe
[2011/03/15 21:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/03/15 21:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphisoft
[2011/03/15 20:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2011/03/15 11:29:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
[2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\windows\XSxS
[2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2011/03/13 19:59:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Staircase Analisys
[2011/03/13 12:56:33 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Autodesk, Inc
[2011/03/11 15:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Avatar
[2011/03/11 15:06:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\CyberLink
[2011/03/11 14:52:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2011/03/11 13:26:23 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\CyberLink
[2011/03/10 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
[2011/03/10 09:59:43 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Files from Internet
[2011/03/10 09:56:53 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\My Files
[2011/03/10 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Lectures
[2011/03/06 15:12:46 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Podatki
[2011/03/05 19:47:41 | 000,000,000 | ---D | C] -- C:\windows\System32\Wat
[2011/03/05 17:48:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Malwarebytes
[2011/03/05 17:48:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/03/05 17:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/05 17:47:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/03/03 23:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
[2011/03/03 23:49:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Adobe
[2011/03/03 23:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011/03/03 23:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/03/03 21:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edraw Max 5.2
[2011/03/03 20:24:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\3dsMax
[2011/03/03 18:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V-Ray for SketchUp
[2011/03/03 15:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\Adobe
[2011/03/03 14:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ASGVIS
[2011/03/03 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Inventor
[2011/03/02 19:04:38 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\sdfgsdfg
[2011/03/01 21:18:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\FLVService
[2011/03/01 21:18:04 | 000,000,000 | ---D | C] -- C:\windows\Freecorder
[2011/02/27 10:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/02/19 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\The KMPlayer
[2011/02/19 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/02/14 12:09:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\dsekjhsf
[2011/02/10 13:33:04 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\1. Literature
[2011/01/30 11:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2011/01/30 11:33:49 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\HP
[2011/01/30 11:33:48 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\HP
[2011/01/30 11:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2011/01/30 11:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2011/01/30 11:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2011/01/30 11:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2011/01/30 11:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011/01/30 11:27:24 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2011/01/30 11:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\StarCraft II
[2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2011/01/20 21:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 7
[2011/01/20 21:50:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Thinstall
[2011/01/20 21:50:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Thinstall
[2011/01/19 16:43:19 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\windows\System32\lameACM.acm
[2011/01/19 16:43:19 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\windows\System32\yv12vfw.dll
[2011/01/19 16:43:19 | 000,151,552 | ---- | C] (fccHandler) -- C:\windows\System32\ac3acm.acm

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011/03/16 18:27:48 | 006,553,600 | -HS- | M] () -- C:\Users\Rafał\NTUSER.DAT
[2011/03/16 18:17:41 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/16 18:17:41 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/16 18:10:09 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2011/03/16 18:10:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/03/16 18:09:59 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/16 17:11:33 | 000,339,991 | ---- | M] () -- C:\Users\Rafał\Desktop\RSIT.exe
[2011/03/16 17:05:25 | 000,148,656 | ---- | M] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT
[2011/03/16 17:04:39 | 004,006,464 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/03/15 22:23:39 | 006,055,325 | -H-- | M] () -- C:\Users\Rafał\AppData\Local\IconCache.db
[2011/03/15 22:02:40 | 504,630,736 | ---- | M] (Graphisoft R&D) -- C:\Users\Rafał\Desktop\AC13-INT32.exe
[2011/03/15 21:58:44 | 478,024,432 | ---- | M] (Graphisoft R&D) -- C:\Users\Rafał\Desktop\AC14-INT32.exe
[2011/03/15 21:30:45 | 000,000,783 | ---- | M] () -- C:\Users\Public\Desktop\ArchiCAD Essentials ITG.lnk
[2011/03/15 21:29:11 | 000,003,870 | ---- | M] () -- C:\windows\vpd.properties
[2011/03/15 20:09:23 | 000,000,128 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
[2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
[2011/03/15 10:54:02 | 000,000,545 | ---- | M] () -- C:\windows\win.ini
[2011/03/13 20:03:22 | 000,166,584 | ---- | M] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf
[2011/03/11 11:47:44 | 000,108,629 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg
[2011/03/11 11:17:47 | 000,047,161 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf
[2011/03/10 13:55:06 | 001,654,586 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2011/03/10 13:55:06 | 000,734,536 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2011/03/10 13:55:06 | 000,653,898 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/03/10 13:55:06 | 000,148,904 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2011/03/10 13:55:06 | 000,121,090 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/03/10 11:39:20 | 000,049,849 | ---- | M] () -- C:\Users\Rafał\Desktop\310.dwg
[2011/03/09 20:45:15 | 003,733,661 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3
[2011/03/07 13:29:33 | 000,040,240 | ---- | M] () -- C:\Users\Rafał\Documents\3D 02.jpg
[2011/03/07 13:25:39 | 000,041,323 | ---- | M] () -- C:\Users\Rafał\Documents\3D 01.jpg
[2011/03/06 20:02:08 | 004,004,916 | ---- | M] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3
[2011/03/06 18:43:06 | 003,161,057 | ---- | M] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3
[2011/03/06 18:11:21 | 000,000,049 | ---- | M] () -- C:\windows\NeroDigital.ini
[2011/03/05 19:50:19 | 000,001,030 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/05 19:31:00 | 000,001,058 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job
[2011/03/05 19:19:00 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/05 16:31:00 | 000,001,006 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job
[2011/03/03 20:01:30 | 006,485,848 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3
[2011/03/03 14:42:41 | 000,017,588 | ---- | M] () -- C:\windows\System32\drivers\etc\services
[2011/03/01 19:11:26 | 002,960,430 | ---- | M] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3
[2011/02/25 09:19:23 | 000,467,882 | ---- | M] () -- C:\Users\Rafał\Desktop\0 - 20.mp3
[2011/02/25 09:19:19 | 000,531,601 | ---- | M] () -- C:\Users\Rafał\Desktop\100 -1876.mp3
[2011/02/20 13:49:37 | 012,202,592 | ---- | M] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3
[2011/02/15 09:33:03 | 000,047,104 | ---- | M] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/14 12:13:03 | 000,040,602 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg
[2011/02/11 18:23:48 | 000,381,554 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Moed_Soerens.mp3
[2011/02/11 18:23:46 | 000,493,149 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion1 Moed Maria 2.mp3
[2011/02/11 18:23:45 | 000,439,232 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Maria_og_Soeren.mp3
[2011/02/10 13:47:18 | 000,013,654 | ---- | M] () -- C:\Users\Rafał\Desktop\Semester_Schedule_4INT_SPRING 2011.pdf
[2011/02/04 16:24:01 | 003,889,142 | ---- | M] () -- C:\Users\Rafał\Desktop\Rihanna - S&M.mp3
[2011/02/04 15:30:06 | 003,530,115 | ---- | M] () -- C:\Users\Rafał\Desktop\Tiësto vs. Diplo feat. Busta Rhymes - C'mon (Catch 'Em By Surprise).mp3
[2011/02/02 21:54:05 | 000,023,713 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-02.jpg
[2011/01/30 13:18:38 | 000,023,203 | ---- | M] () -- C:\windows\hpqins15.dat
[2011/01/30 11:33:44 | 000,211,070 | ---- | M] () -- C:\windows\hpoins18.dat
[2011/01/30 11:29:41 | 000,002,069 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/01/20 21:41:32 | 000,003,120 | ---- | M] () -- C:\windows\System32\ALLFSAF8a.ocx

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/03/16 17:11:32 | 000,339,991 | ---- | C] () -- C:\Users\Rafał\Desktop\RSIT.exe
[2011/03/15 21:30:45 | 000,000,783 | ---- | C] () -- C:\Users\Public\Desktop\ArchiCAD Essentials ITG.lnk
[2011/03/15 21:29:11 | 000,003,870 | ---- | C] () -- C:\windows\vpd.properties
[2011/03/15 20:13:35 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2011/03/15 20:13:35 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2011/03/13 20:03:20 | 000,166,584 | ---- | C] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf
[2011/03/11 11:34:37 | 000,108,629 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg
[2011/03/11 11:17:47 | 000,047,161 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf
[2011/03/10 11:39:20 | 000,049,849 | ---- | C] () -- C:\Users\Rafał\Desktop\310.dwg
[2011/03/09 20:42:03 | 003,733,661 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3
[2011/03/07 13:29:33 | 000,040,240 | ---- | C] () -- C:\Users\Rafał\Documents\3D 02.jpg
[2011/03/07 13:25:39 | 000,041,323 | ---- | C] () -- C:\Users\Rafał\Documents\3D 01.jpg
[2011/03/06 19:58:48 | 004,004,916 | ---- | C] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3
[2011/03/06 18:40:24 | 003,161,057 | ---- | C] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3
[2011/03/03 23:45:29 | 000,000,986 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk
[2011/03/03 23:44:35 | 000,000,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
[2011/03/03 23:43:32 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk
[2011/03/03 23:42:51 | 000,002,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk
[2011/03/03 23:42:08 | 000,000,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
[2011/03/03 23:41:04 | 000,000,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
[2011/03/03 23:40:46 | 000,001,365 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
[2011/03/03 23:24:42 | 000,000,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2011/03/03 23:23:48 | 000,000,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2011/03/03 23:23:26 | 000,000,989 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2011/03/03 23:21:58 | 000,001,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2011/03/03 23:21:45 | 000,001,477 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2011/03/03 23:21:00 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011/03/03 20:01:12 | 006,485,848 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3
[2011/03/01 19:11:11 | 002,960,430 | ---- | C] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3
[2011/03/01 11:45:52 | 012,202,592 | ---- | C] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3
[2011/02/25 09:19:23 | 000,467,882 | ---- | C] () -- C:\Users\Rafał\Desktop\0 - 20.mp3
[2011/02/25 09:19:18 | 000,531,601 | ---- | C] () -- C:\Users\Rafał\Desktop\100 -1876.mp3
[2011/02/19 16:26:44 | 000,001,058 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job
[2011/02/19 16:26:43 | 000,001,006 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job
[2011/02/14 12:13:03 | 000,040,602 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg
[2011/02/11 18:23:44 | 000,493,149 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion1 Moed Maria 2.mp3
[2011/02/11 18:23:43 | 000,439,232 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Maria_og_Soeren.mp3
[2011/02/11 18:23:30 | 000,381,554 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Moed_Soerens.mp3
[2011/02/10 13:47:18 | 000,013,654 | ---- | C] () -- C:\Users\Rafał\Desktop\Semester_Schedule_4INT_SPRING 2011.pdf
[2011/02/04 16:20:41 | 003,889,142 | ---- | C] () -- C:\Users\Rafał\Desktop\Rihanna - S&M.mp3
[2011/02/04 15:27:09 | 003,530,115 | ---- | C] () -- C:\Users\Rafał\Desktop\Tiësto vs. Diplo feat. Busta Rhymes - C'mon (Catch 'Em By Surprise).mp3
[2011/02/02 21:54:05 | 000,023,713 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-02.jpg
[2011/01/30 13:14:56 | 000,023,203 | ---- | C] () -- C:\windows\hpqins15.dat
[2011/01/30 11:31:06 | 000,001,018 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja programu I.R.I.S. OCR.lnk
[2011/01/30 11:29:41 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/01/30 11:26:48 | 000,211,070 | ---- | C] () -- C:\windows\hpoins18.dat
[2011/01/30 11:26:48 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat
[2011/01/20 21:41:32 | 000,003,120 | ---- | C] () -- C:\windows\System32\ALLFSAF8a.ocx
[2011/01/19 16:43:20 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2011/01/19 16:43:19 | 000,000,414 | ---- | C] () -- C:\windows\System32\lame_acm.xml
[2011/01/19 16:43:18 | 000,183,808 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2011/01/19 16:43:18 | 000,080,896 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2011/01/19 16:43:18 | 000,000,590 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2011/01/12 19:24:23 | 000,000,152 | ---- | C] () -- C:\windows\Aslan.INI
[2010/12/19 19:10:52 | 000,000,049 | ---- | C] () -- C:\windows\NeroDigital.ini
[2010/12/19 11:25:44 | 000,000,048 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010/12/05 14:10:28 | 000,000,001 | ---- | C] () -- C:\windows\System32\SI.bin
[2010/09/04 17:47:43 | 000,087,552 | ---- | C] () -- C:\windows\System32\cpwmon2k.dll
[2010/07/31 21:40:41 | 000,066,872 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe
[2010/07/31 21:40:40 | 000,138,184 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2010/07/31 21:40:36 | 000,183,112 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe
[2010/03/01 17:50:08 | 000,000,145 | ---- | C] () -- C:\windows\splendor.ini
[2010/03/01 17:46:03 | 000,284,160 | ---- | C] () -- C:\windows\unin0415.exe
[2009/12/23 13:51:46 | 002,392,064 | ---- | C] () -- C:\windows\System32\videotrans.dll
[2009/12/23 13:51:46 | 000,215,040 | ---- | C] () -- C:\windows\System32\videoformat.dll
[2009/12/23 13:51:46 | 000,017,920 | ---- | C] () -- C:\windows\System32\videocore.dll
[2009/12/23 13:51:45 | 000,061,440 | ---- | C] () -- C:\windows\System32\imgscaler.dll
[2009/12/23 13:51:45 | 000,022,016 | ---- | C] () -- C:\windows\System32\img_utils.dll
[2009/12/23 13:51:43 | 000,128,512 | ---- | C] () -- C:\windows\System32\xvid.dll
[2009/12/21 18:03:39 | 000,210,032 | ---- | C] () -- C:\windows\System32\DBCLIENT.DLL
[2009/11/03 19:08:37 | 000,047,104 | ---- | C] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/31 14:55:27 | 000,138,056 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\PnkBstrK.sys
[2009/10/31 14:55:10 | 002,250,024 | ---- | C] () -- C:\windows\System32\pbsvc.exe
[2009/10/31 12:05:27 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll
[2009/10/30 13:54:16 | 006,055,325 | -H-- | C] () -- C:\Users\Rafał\AppData\Local\IconCache.db
[2009/10/30 13:50:28 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2009/10/30 13:43:20 | 000,148,656 | ---- | C] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/30 13:37:20 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/09/28 19:14:04 | 000,734,536 | ---- | C] () -- C:\windows\System32\perfh015.dat
[2009/09/28 19:14:04 | 000,337,158 | ---- | C] () -- C:\windows\System32\perfi015.dat
[2009/09/28 19:14:04 | 000,148,904 | ---- | C] () -- C:\windows\System32\perfc015.dat
[2009/09/28 19:14:04 | 000,038,710 | ---- | C] () -- C:\windows\System32\perfd015.dat
[2009/09/28 19:00:26 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe
[2009/09/28 19:00:26 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe
[2009/09/28 18:28:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/09/28 09:22:00 | 000,315,392 | ---- | C] () -- C:\windows\System32\drivers\yk62x86.sys
[2009/09/28 03:11:13 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2009/09/28 02:42:20 | 000,311,296 | ---- | C] () -- C:\windows\System32\Rezip.exe
[2009/07/26 21:06:02 | 001,654,586 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 05:33:53 | 004,006,464 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,653,898 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,090 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 03:04:57 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini
[2009/07/14 03:04:23 | 000,000,545 | ---- | C] () -- C:\windows\win.ini
[2009/07/14 03:04:23 | 000,000,219 | ---- | C] () -- C:\windows\system.ini
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2009/07/13 22:41:56 | 000,053,552 | ---- | C] () -- C:\windows\System32\dosx.exe
[2009/07/13 22:41:05 | 000,000,718 | ---- | C] () -- C:\windows\System32\mscdexnt.exe
[2009/07/13 22:41:04 | 000,002,842 | ---- | C] () -- C:\windows\System32\redir.exe
[2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\share.exe
[2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\fastopen.exe
[2009/07/13 22:41:01 | 000,019,694 | ---- | C] () -- C:\windows\System32\GRAPHICS.COM
[2009/07/13 22:40:59 | 000,014,710 | ---- | C] () -- C:\windows\System32\KB16.COM
[2009/07/13 22:40:57 | 000,007,052 | ---- | C] () -- C:\windows\System32\nlsfunc.exe
[2009/07/13 22:40:57 | 000,001,131 | ---- | C] () -- C:\windows\System32\LOADFIX.COM
[2009/07/13 22:40:56 | 000,039,274 | ---- | C] () -- C:\windows\System32\mem.exe
[2009/07/13 22:40:54 | 000,011,753 | ---- | C] () -- C:\windows\System32\setver.exe
[2009/07/13 22:40:52 | 000,020,634 | ---- | C] () -- C:\windows\System32\debug.exe
[2009/07/13 22:40:51 | 000,008,424 | ---- | C] () -- C:\windows\System32\exe2bin.exe
[2009/07/13 22:40:50 | 000,012,642 | ---- | C] () -- C:\windows\System32\edlin.exe
[2009/07/13 22:40:49 | 000,012,498 | ---- | C] () -- C:\windows\System32\append.exe
[2009/07/13 22:40:48 | 000,050,648 | ---- | C] () -- C:\windows\System32\COMMAND.COM
[2009/07/13 22:40:44 | 000,027,097 | ---- | C] () -- C:\windows\System32\country.sys
[2009/07/13 22:40:43 | 000,042,809 | ---- | C] () -- C:\windows\System32\KEY01.SYS
[2009/07/13 22:40:43 | 000,042,537 | ---- | C] () -- C:\windows\System32\KEYBOARD.SYS
[2009/07/13 22:40:41 | 000,009,029 | ---- | C] () -- C:\windows\System32\ANSI.SYS
[2009/07/13 22:40:40 | 000,004,768 | ---- | C] () -- C:\windows\System32\HIMEM.SYS
[2009/07/13 22:40:39 | 000,029,274 | ---- | C] () -- C:\windows\System32\NTDOS412.SYS
[2009/07/13 22:40:35 | 000,029,370 | ---- | C] () -- C:\windows\System32\NTDOS411.SYS
[2009/07/13 22:40:31 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS404.SYS
[2009/07/13 22:40:27 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS804.SYS
[2009/07/13 22:40:23 | 000,027,866 | ---- | C] () -- C:\windows\System32\NTDOS.SYS
[2009/07/13 22:40:19 | 000,035,536 | ---- | C] () -- C:\windows\System32\NTIO412.SYS
[2009/07/13 22:40:17 | 000,035,776 | ---- | C] () -- C:\windows\System32\NTIO411.SYS
[2009/07/13 22:40:15 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO404.SYS
[2009/07/13 22:40:13 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO804.SYS
[2009/07/13 22:40:11 | 000,033,952 | ---- | C] () -- C:\windows\System32\NTIO.SYS
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\System32\msjetoledb40.dll
[2009/07/13 21:29:46 | 000,013,312 | ---- | C] () -- C:\windows\System32\win87em.dll
[2009/06/18 19:29:04 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2009/06/10 22:42:32 | 000,069,886 | ---- | C] () -- C:\windows\System32\edit.com
[2009/06/10 22:39:59 | 000,060,124 | ---- | C] () -- C:\windows\System32\tcpmon.ini
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009/04/22 00:19:06 | 000,172,173 | ---- | C] () -- C:\windows\System32\xlive.dll.cat

[color=#E56717]========== LOP Check ==========[/color]

[2010/06/28 09:55:22 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\AnvSoft
[2010/07/10 17:19:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Ashampoo
[2011/03/03 20:24:07 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Autodesk
[2010/12/18 21:35:13 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\BatteryCare
[2009/12/06 14:51:50 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DAEMON Tools Lite
[2011/03/16 18:14:08 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Dropbox
[2010/12/05 19:28:57 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Efficient Sticky Notes
[2011/01/14 11:13:19 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\EuroTalk
[2010/01/01 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu
[2010/01/01 13:33:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu 10
[2010/07/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gmail Notifier Plus
[2010/01/09 15:58:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\ipla
[2009/10/31 12:42:42 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Leadertech
[2009/11/02 11:51:06 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu
[2009/11/02 12:42:14 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\OpenFM
[2010/06/24 11:48:32 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\PC Suite
[2010/06/30 21:17:58 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\r2 Studios
[2009/10/31 14:47:31 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Red Alert 3
[2010/11/29 13:34:37 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Stardock
[2011/01/20 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thinstall
[2010/02/27 14:44:05 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thunderbird
[2011/03/15 22:07:33 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\uTorrent
[2010/11/22 10:53:45 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Xerox
[2011/03/16 18:10:09 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/03/16 18:09:59 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/03/16 18:10:04 | 3215,577,088 | -HS- | M] () -- C:\pagefile.sys
[2009/09/28 02:37:48 | 000,002,003 | ---- | M] () -- C:\RHDSetup.log
[2009/09/28 03:09:41 | 000,000,166 | ---- | M] () -- C:\Setup.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< End of report >
[/log]
[log]OTL Extras logfile created on: 3/16/2011 6:21:58 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 45.28 Gb Total Space | 8.58 Gb Free Space | 18.95% Space Free | Partition Type: NTFS
Drive D: | 237.71 Gb Total Space | 25.61 Gb Free Space | 10.77% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Program Files\Adobe\Photoshop\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002DD827-7FAC-A09F-7382-BCF61E6744C8}" = CCC Help Portuguese
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0C255F02-22AF-F50B-E945-B8D763E1A077}" = CCC Help Greek
"{0C5F09B4-5C7A-6F41-89F4-65B419A639B9}" = CCC Help Chinese Standard
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{180641E1-F6C2-6053-1022-78B9C49D173D}" = CCC Help Finnish
"{18A2FD82-910A-0208-3AE1-169E92F2AFA4}" = CCC Help Dutch
"{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2822F016-69E9-A368-B612-685CCF4A9B83}" = CCC Help English
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A07F8DD-96E5-8A5D-3C6A-D60F38D1F34B}" = CCC Help Turkish
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2D397BD2-ED49-F9B9-4F65-D60D00AD6C5F}" = CCC Help Norwegian
"{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30C4566A-85AC-1713-71B2-3BE50C7146F8}" = CCC Help Thai
"{3380D2BE-EAE4-034C-1096-3CA28F82A2F9}" = CCC Help French
"{3920C82C-C03F-0D90-8009-CBFD8CF0214B}" = ccc-utility
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3EB37B26-432C-467C-9FBC-9BDA0E6FBDD7}" = Catalyst Control Center InstallProxy
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4037A2B9-A976-4538-8B08-A0D95B637F35}" = C5100
"{4067974F-F2E5-5893-E7A3-10C345089305}" = CCC Help Polish
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{4177BBB8-D654-4364-A898-BA00A68D7897}" = CCC Help Swedish
"{41CD70E9-E193-8358-A837-A3A900565840}" = CCC Help Russian
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44B4C2E3-D570-16B4-8CED-3D83AAF5D6F7}" = Catalyst Control Center Localization All
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{473937BF-F1ED-764D-01A8-12A672DED3E0}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4ac40384-37ba-421c-b14c-2ecbe4403817}" = Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007
"{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23}" = Autodesk Revit Architecture 2011
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4ECC1D06-672F-2935-E570-CA2D210AE0CE}" = Catalyst Control Center InstallProxy
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5783F2D7-9001-0409-0002-0060B0CE6BBA}" = AutoCAD 2011 - English
"{5783F2D7-9001-0409-1002-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - English
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{6053FE9B-5473-41D6-AEBF-AD6F98138191}" = Windows Live Movie Maker
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6406E3EA-9777-45B7-A0C0-89741E629352}" = Composite 2011
"{67574624-BF0F-0409-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-bit
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Twierdza Krzyżowiec
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8D7CCD59-BEBB-57D4-23EC-B9A9DB173EAA}" = Catalyst Control Center Graphics Previews Vista
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8EE4C584-C82E-9BE3-41C1-BC2A53774DE6}" = CCC Help Korean
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{94A4609B-0414-4427-81F3-0FD282A2D0D3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90120000-00B1-0409-0000-0000000FF1CE}" = Microsoft Save as XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{940C416E-1BE6-58C0-949E-1A588349B0C7}" = CCC Help Hungarian
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live
"{99F80251-DAE8-0409-BD08-DCBBEF56B8CB}" = Autodesk 3ds Max 2011 32-bit Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB614A6-719C-4A6E-A63E-831E0A35F62A}" = Windows Live Writer
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}" = Galeria fotografii usługi Windows Live
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A1802E07-1CC7-4CD1-AFBF-E2CC94B99046}" = Crypt4Free
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2F34AF5-E329-444C-BD1B-137637AB23AD}" = BatteryCare
"{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Składniki łączności pakietu Microsoft Office Small Business
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B15A87DC-46AC-D726-E2F5-06A3D5F35C06}" = ATI Catalyst Install Manager
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager
"{B7D833B7-915D-C859-D7A6-3639423E878C}" = CCC Help Danish
"{B9F76257-02B5-EB70-2A72-6D56C9359985}" = CCC Help Italian
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB778F28-FD55-C8FD-8E0B-482814C05D6B}" = CCC Help Chinese Traditional
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF076135-7D69-3255-D72B-487E67146727}" = CCC Help Japanese
"{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CA9483A2-742A-4A72-881D-B81C6B1ACB3E}" = Google SketchUp Pro 7
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB829D09-6426-F17D-C95D-303A6613A190}" = ccc-core-static
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{D1399216-81B2-457C-A0F7-73B9A2EF6902}" = PDFill PDF Editor with FREE Writer and FREE Tools
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A5844F-80CB-665D-0AF9-9D712F4E6238}" = CCC Help German
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software
"{F88335A8-CA7B-41DE-B37D-81306C73B507}" = Bezpieczeństwo rodzinne usługi Windows Live
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F958FF6B-B2B8-03F6-B56D-7D5E04768AA8}" = CCC Help Czech
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"048FFFFFFF13FF00FF0701F00F02F000-R1" = ArchiCAD Essentials Interactive Training Guide
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5e6c9151" = Contextual Tool Yourprofitclub
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Akamai" = Akamai NetSession Interface
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1
"Audacity_is1" = Audacity 1.2.6
"AutoCAD 2011 - English" = AutoCAD 2011 - English
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Autodesk Revit Architecture 2011" = Autodesk Revit Architecture 2011
"Autodesk Revit Architecture 2011 SP2" = Autodesk Revit Architecture 2011 x86 Update 2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Be06v4" = Be06v4
"Business Contact Manager" = Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Edraw Max_is1" = Edraw Max 5.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FastStone Capture" = FastStone Capture 5.3
"Fences" = Fences
"Gadu-Gadu 10" = Gadu-Gadu 10
"HDD Health_is1" = HDD Health v3.3 Beta
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full)
"Magic ISO Maker v5.5 (build 0265)" = Magic ISO Maker v5.5 (build 0265)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1)
"NapiProjekt_is1" = NapiProjekt 1.0.6.5
"Picasa 3" = Picasa 3
"Polskie Normy i prawo budowlane_is1" = Polskie Normy i prawo budowlane
"RealAlt_is1" = Real Alternative 2.0.1
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.20
"ST6UNST #1" = EngiLab Beam.2D ML v1.20
"StarCraft II" = StarCraft II
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual DJ 5.2 (Crack v2)" = Virtual DJ 5.2 (Crack v2)
"V-Ray for SketchUp 1.48.89" = V-Ray for SketchUp
"WheelMouse" = 2X-Office 7.80
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 4.84
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 4 Free 4.92

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BankBrowser" = BankBrowser
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 3/5/2011 3:06:35 PM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/6/2011 5:31:15 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/7/2011 3:28:33 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/7/2011 7:56:59 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/7/2011 9:20:06 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/7/2011 4:44:01 PM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/8/2011 3:06:57 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/8/2011 3:36:23 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/9/2011 11:28:03 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/10/2011 3:27:16 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

[ OSession Events ]
Error - 10/8/2010 3:41:09 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 33
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/8/2010 8:35:05 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 114
seconds with 60 seconds of active time. This session ended with a crash.

Error - 10/8/2010 8:35:43 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 30
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/9/2011 9:01:24 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 3/16/2011 12:04:23 PM | Computer Name = Notebook | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 3/16/2011 12:04:23 PM | Computer Name = Notebook | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/16/2011 12:04:54 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Usługa SBSD Security Center Service zależy od usługi Centrum zabezpieczeń,
której nie można uruchomić z powodu następującego błędu: %%1058

Error - 3/16/2011 12:05:52 PM | Computer Name = Notebook | Source = DCOM | ID = 10005
Description =

Error - 3/16/2011 12:05:52 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą Windows Search.

Error - 3/16/2011 12:05:52 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows Search z powodu następującego błędu:
%%1053

Error - 3/16/2011 1:09:12 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7034
Description = Usługa AMD External Events Utility niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 3/16/2011 1:10:07 PM | Computer Name = Notebook | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 3/16/2011 1:10:07 PM | Computer Name = Notebook | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/16/2011 1:10:13 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Usługa SBSD Security Center Service zależy od usługi Centrum zabezpieczeń,
której nie można uruchomić z powodu następującego błędu: %%1058


< End of report >
[/log]
nowe RSIT
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Rafał at 2011-03-16 18:24:04
Microsoft Windows 7 Home Premium
System drive C: has 9 GB (19%) free of 46 GB
Total RAM: 3067 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:24:11, on 2011-03-16
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\windows\Explorer.EXE
C:\windows\system32\Dwm.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Rafał\Desktop\OTL.exe
C:\Users\Rafał\Desktop\RSIT.exe
C:\Program Files\trend micro\Rafał.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [YouCam Mirage] "d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O15 - Trusted Zone: http://print.viauc.dk
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit (mi-raysat_3dsmax2011_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys
O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 10997 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-19 7711264]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-15 1541416]
"StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2009-03-08 73728]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2008-03-06 241664]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"YouCam Mirage"=d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe [2010-08-20 136488]
"YouCam Tray"=d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe [2011-01-19 162912]
"Adobe Acrobat Speed Launcher"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760]
"Acrobat Assistant 8.0"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"Google Update"=C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 136176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-03-16 18:09:11 ----D---- C:\_OTL
2011-03-16 17:11:42 ----D---- C:\rsit
2011-03-16 17:11:42 ----D---- C:\Program Files\trend micro
2011-03-15 10:51:46 ----D---- C:\windows\XSxS
2011-03-15 10:51:46 ----D---- C:\Program Files\Xenocode
2011-03-05 19:47:41 ----D---- C:\windows\system32\Wat
2011-03-05 19:42:27 ----A---- C:\windows\system32\drivers\sffp_sd.sys
2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\usbvideo.sys
2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\ks.sys
2011-03-05 19:42:21 ----A---- C:\windows\system32\wcncsvc.dll
2011-03-05 19:42:14 ----A---- C:\windows\system32\mshtml.dll
2011-03-05 19:42:10 ----A---- C:\windows\system32\iertutil.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\mstime.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeedsbs.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeeds.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\licmgr10.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\iedkcs32.dll
2011-03-05 19:42:08 ----A---- C:\windows\system32\mshtmled.dll
2011-03-05 19:42:08 ----A---- C:\windows\system32\msfeedssync.exe
2011-03-05 19:42:08 ----A---- C:\windows\system32\iepeers.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\mf.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\FntCache.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\DWrite.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\d3d10warp.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\d2d1.dll
2011-03-05 19:41:45 ----A---- C:\windows\system32\WMVDECOD.DLL
2011-03-05 19:41:45 ----A---- C:\windows\system32\mfreadwrite.dll
2011-03-05 19:41:45 ----A---- C:\windows\system32\ExplorerFrame.dll
2011-03-05 19:41:45 ----A---- C:\windows\system32\d3d10_1core.dll
2011-03-05 19:41:44 ----A---- C:\windows\system32\XpsRasterService.dll
2011-03-05 19:41:43 ----A---- C:\windows\system32\upnp.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\wininet.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\urlmon.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\msxml6.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\ieframe.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\wscsvc.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\wscapi.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\winhttp.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\WebClnt.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\slwga.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\msxml3.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\jsproxy.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\ieui.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\davclnt.dll
2011-03-05 19:41:37 ----A---- C:\windows\system32\tzres.dll
2011-03-05 19:41:33 ----A---- C:\windows\system32\ntoskrnl.exe
2011-03-05 19:41:33 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-03-05 19:41:33 ----A---- C:\windows\system32\ntdll.dll
2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc_isv.dll
2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc.dll
2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp.dll
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp.exe
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_isv.exe
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate.exe
2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsPrint.dll
2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsGdiConverter.dll
2011-03-05 19:41:29 ----A---- C:\windows\system32\odbc32.dll
2011-03-05 19:41:29 ----A---- C:\windows\system32\kerberos.dll
2011-03-05 19:41:28 ----A---- C:\windows\system32\consent.exe
2011-03-05 19:41:27 ----A---- C:\windows\system32\wmicmiplugin.dll
2011-03-05 19:41:27 ----A---- C:\windows\system32\taskschd.dll
2011-03-05 19:41:27 ----A---- C:\windows\system32\taskeng.exe
2011-03-05 19:41:27 ----A---- C:\windows\system32\taskcomp.dll
2011-03-05 19:41:27 ----A---- C:\windows\system32\schtasks.exe
2011-03-05 19:41:27 ----A---- C:\windows\system32\schedsvc.dll
2011-03-05 19:41:26 ----A---- C:\windows\system32\oleaut32.dll
2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\fvevol.sys
2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\Diskdump.sys
2011-03-05 19:41:25 ----A---- C:\windows\system32\win32k.sys
2011-03-05 19:41:24 ----A---- C:\windows\system32\webio.dll
2011-03-05 19:41:24 ----A---- C:\windows\system32\atmlib.dll
2011-03-05 19:41:24 ----A---- C:\windows\system32\atmfd.dll
2011-03-05 19:41:22 ----A---- C:\windows\system32\CPFilters.dll
2011-03-05 19:41:21 ----A---- C:\windows\system32\psisdecd.dll
2011-03-05 19:41:21 ----A---- C:\windows\system32\msdri.dll
2011-03-05 19:41:19 ----A---- C:\windows\system32\vbscript.dll
2011-03-05 19:41:19 ----A---- C:\windows\system32\jscript.dll
2011-03-05 19:40:49 ----A---- C:\windows\system32\d3d10_1.dll
2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2011-03-05 19:39:28 ----A---- C:\windows\system32\cdd.dll
2011-03-05 17:48:07 ----D---- C:\Users\Rafał\AppData\Roaming\Malwarebytes
2011-03-05 17:48:02 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2011-03-05 17:48:00 ----D---- C:\ProgramData\Malwarebytes
2011-03-05 17:47:57 ----A---- C:\windows\system32\drivers\mbam.sys
2011-03-03 23:25:44 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-03-03 23:22:22 ----D---- C:\Program Files\Adobe Media Player
2011-03-03 23:20:58 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-03-03 15:45:20 ----D---- C:\windows\system32\Adobe
2011-03-03 14:48:13 ----D---- C:\ProgramData\ASGVIS
2011-03-01 21:18:04 ----D---- C:\windows\Freecorder
2011-02-27 10:38:58 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2011-03-16 18:14:25 ----D---- C:\Users\Rafał\AppData\Roaming\Skype
2011-03-16 18:14:08 ----D---- C:\Users\Rafał\AppData\Roaming\Dropbox
2011-03-16 18:12:29 ----D---- C:\windows\Temp
2011-03-16 18:10:17 ----D---- C:\Program Files\Common Files\Akamai
2011-03-16 18:09:14 ----D---- C:\windows\Tasks
2011-03-16 18:09:14 ----D---- C:\windows\System32
2011-03-16 17:11:42 ----RD---- C:\Program Files
2011-03-16 17:06:17 ----D---- C:\Users\Rafał\AppData\Roaming\skypePM
2011-03-16 17:04:10 ----HD---- C:\Config.Msi
2011-03-15 22:07:33 ----D---- C:\Users\Rafał\AppData\Roaming\uTorrent
2011-03-15 22:05:21 ----D---- C:\Windows
2011-03-15 21:30:31 ----SHD---- C:\windows\Installer
2011-03-15 21:30:24 ----D---- C:\Program Files\Internet Explorer
2011-03-15 21:30:02 ----D---- C:\Program Files\Common Files\Apple
2011-03-15 20:17:54 ----D---- C:\Program Files\Adobe
2011-03-15 20:14:23 ----D---- C:\Program Files\Common Files\Adobe
2011-03-15 20:14:11 ----D---- C:\windows\system32\DriverStore
2011-03-15 20:14:11 ----D---- C:\windows\inf
2011-03-15 20:11:41 ----RSD---- C:\windows\Fonts
2011-03-15 10:54:02 ----D---- C:\ProgramData\Microsoft Help
2011-03-15 10:54:02 ----A---- C:\windows\win.ini
2011-03-15 08:32:20 ----D---- C:\windows\system32\NDF
2011-03-12 23:12:23 ----D---- C:\windows\system32\drivers
2011-03-12 23:12:23 ----D---- C:\windows\ShellNew
2011-03-12 16:44:01 ----SHD---- C:\System Volume Information
2011-03-11 14:53:39 ----D---- C:\windows\system32\catroot
2011-03-11 14:53:36 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-11 14:53:08 ----AD---- C:\ProgramData\Temp
2011-03-11 14:35:54 ----D---- C:\ProgramData\CyberLink
2011-03-11 14:28:14 ----D---- C:\Program Files\Common Files
2011-03-11 14:12:03 ----D---- C:\Program Files\CyberLink
2011-03-11 13:26:22 ----D---- C:\Users\Rafał\AppData\Roaming\CyberLink
2011-03-10 13:55:06 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-03-10 09:53:05 ----SD---- C:\Users\Rafał\AppData\Roaming\Microsoft
2011-03-07 22:10:32 ----D---- C:\windows\system32\wdi
2011-03-06 18:11:21 ----A---- C:\windows\NeroDigital.ini
2011-03-05 20:25:24 ----D---- C:\windows\Microsoft.NET
2011-03-05 20:24:34 ----RSD---- C:\windows\assembly
2011-03-05 19:53:24 ----D---- C:\windows\system32\config
2011-03-05 19:49:55 ----D---- C:\windows\winsxs
2011-03-05 19:47:44 ----D---- C:\windows\system32\pl-PL
2011-03-05 19:47:44 ----D---- C:\windows\ehome
2011-03-05 19:47:44 ----D---- C:\Program Files\Windows Mail
2011-03-05 19:47:43 ----D---- C:\windows\AppPatch
2011-03-05 19:47:42 ----D---- C:\windows\system32\migration
2011-03-05 19:42:27 ----D---- C:\windows\system32\catroot2
2011-03-05 18:12:07 ----D---- C:\windows\Prefetch
2011-03-05 17:48:00 ----HD---- C:\ProgramData
2011-03-05 17:42:25 ----D---- C:\windows\system32\drivers\etc
2011-03-05 17:37:15 ----D---- C:\windows\system32\Tasks
2011-03-03 23:49:18 ----D---- C:\Users\Rafał\AppData\Roaming\Adobe
2011-03-03 23:47:57 ----D---- C:\ProgramData\FLEXnet
2011-03-03 23:45:32 ----D---- C:\ProgramData\Adobe
2011-03-03 23:34:20 ----D---- C:\Users\Rafał\AppData\Roaming\WinRAR
2011-03-03 20:24:07 ----D---- C:\Users\Rafał\AppData\Roaming\Autodesk
2011-03-03 20:24:07 ----D---- C:\ProgramData\Autodesk
2011-03-03 14:44:09 ----D---- C:\Program Files\Autodesk
2011-03-03 14:09:16 ----D---- C:\windows\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\windows\system32\DRIVERS\Amfilter.sys [2007-01-25 8704]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2010-12-22 135096]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-09-16 214664]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2010-12-04 61960]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2010-08-20 27632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-08-19 2752352]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 rtl819xp;Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-) Realtek RTL8190/RTL8192E 802.11n; C:\windows\system32\DRIVERS\rtl819xp.sys [2010-02-01 557088]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-15 212656]
R3 VMC326;Vimicro Camera Service VMC326; C:\windows\System32\Drivers\VMC326.sys [2009-08-10 237696]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R4 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-21 1161760]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\windows\system32\DRIVERS\Amusbprt.sys [2007-12-26 14336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2009-09-16 79816]
S3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2009-09-16 35272]
S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2009-09-16 40552]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Sterownik skanera USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-28 14336]
R2 Akamai;Akamai NetSession Interface; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-12 267944]
R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit; D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys [2010-11-01 532480]
R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 yksvc;Marvell Yukon Service; C:\windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 20992]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-04 136176]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-05 1322648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-26 1045256]
S3 fsssvc;Funkcja Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\windows\System32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-05 1343400]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------
[/log]
czekam jeszcze na skan z malwarebytes. ta sprawa z klawiatura jest denerwujaca i nawet skrot SHIFT i CTRL do zmiany klawiatury nie dziala..
dzieki wielkie za szybka odpowiedz

Tomek01
komentarz
komentarz

Odinstaluj Adobe PDF Conversion Toolbar.
Sprawdzam, czy znasz te foldery?:
C:\Users\Rafał\Desktop\sdfgsdfg
C:\Users\Rafał\dsekjhsf



Wejdź w Start/Uruchom, wklejasz : [b]Notepad C:\windows\System32\drivers\etc\Hosts[/b] - enter.
Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany.



W OTL, w oknie Custom scan/fixes wklej:

[code]:OTL
O1 - Hosts: ਍㈱⸷⸰⸰‱捡楴慶整愮潤敢挮浯
O2 - BHO:r Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

:Files
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job

:Commands
[emptytemp][/code]

Klikasz run fix, komputer uruchamia się ponownie.

Wrzuć log z usuwania OTL oraz nowe logi: OTL i RSIT

raasky
komentarz
komentarz (edytowane)

malwarebytes nic nie wykazało. klawiatura magicznie zmieniła się na PL programisty :) nie mogę odinstalować Adobe converter toolbar (opcja niedostępna), tylko wyłączyłem z pozycji dodatki w mozilli, tak znam te foldery :P
log z usuwania OTL:
[log]All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE7CD045-E861-484f-8273-0445EE161910}\ not found.
File move failed. C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
File move failed. C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot.
========== FILES ==========
C:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000Core.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-604524677-2708395862-3557633927-1000UA.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: ADMINI~1~VIT

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Rafał
->Temp folder emptied: 85582 bytes
->Temporary Internet Files folder emptied: 865116 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 42821535 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 290433 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 42.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 03162011_200116

Files\Folders moved on Reboot...
File move failed. C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...
[/log]

nowe OTL:
[log]OTL logfile created on: 3/16/2011 8:28:03 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 45.28 Gb Total Space | 9.49 Gb Free Space | 20.95% Space Free | Partition Type: NTFS
Drive D: | 237.71 Gb Total Space | 24.39 Gb Free Space | 10.26% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
PRC - [2011/03/13 21:44:37 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2011/03/13 21:44:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/01/26 17:05:34 | 015,026,056 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/11/09 21:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys
PRC - [2010/10/29 00:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/10/25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010/10/15 11:14:26 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe
PRC - [2010/10/11 15:49:48 | 000,080,256 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2010/08/21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010/08/20 10:49:04 | 000,136,488 | ---- | M] (CyberLink) -- D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe
PRC - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/07/04 11:09:52 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010/03/22 18:51:56 | 002,088,448 | ---- | M] (Baptiste Girod) -- C:\Users\Rafał\Desktop\Programy\Gmail Notifier Plus.exe
PRC - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
PRC - [2010/02/26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009/09/20 12:36:12 | 000,270,336 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009/09/20 12:07:24 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2009/09/20 12:07:24 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2009/08/19 04:15:48 | 007,711,264 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009/08/18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/15 00:14:34 | 000,103,720 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2009/07/15 00:14:32 | 001,541,416 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2009/07/14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009/07/14 02:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009/07/14 02:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009/07/14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/05/21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009/04/22 16:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009/04/22 16:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe
PRC - [2009/01/26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/03/06 09:12:58 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/08/24 07:00:48 | 000,033,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007/05/08 16:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/02/10 05:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
MOD - [2010/10/27 05:40:24 | 001,289,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010/07/27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010/06/29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010/04/07 08:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009/12/08 12:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009/12/08 12:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009/07/14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009/07/14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009/07/14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009/07/14 02:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009/07/14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009/07/14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009/07/14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009/07/14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009/07/14 02:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009/07/14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009/07/14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009/07/14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 02:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009/07/14 02:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009/07/14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011/03/05 19:42:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/05 10:42:03 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai)
SRV - [2010/12/12 11:58:03 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/11/01 13:34:00 | 000,532,480 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys -- (PrismXL)
SRV - [2010/10/28 11:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/08/26 15:32:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/04/27 12:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/28 09:22:00 | 000,364,544 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc)
SRV - [2009/09/23 16:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/28 03:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/06/05 22:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service)
SRV - [2008/01/16 12:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010/12/22 15:27:35 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/04 15:20:30 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/08/24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/08/24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/08/20 10:49:06 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010/06/17 15:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/02/26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/02/01 12:30:32 | 000,557,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl819xp.sys -- (rtl819xp) Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-)
DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/08/18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/08/10 19:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326)
DRV - [2009/07/21 23:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/12/26 02:08:38 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007/01/25 02:46:50 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=pl&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/30 13:15:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/03/15 20:13:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011/03/15 21:30:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011/03/15 21:30:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: d:\Program Files\Mozilla Thunderbird\components [2011/03/15 21:30:25 | 000,000,000 | ---D | M]

[2011/01/02 08:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions
[2010/02/27 14:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/01 21:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\11ipo03f.default\extensions\personas@christopher.beard
[2011/03/16 17:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions
[2011/03/12 13:30:19 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/02/19 16:16:22 | 000,000,000 | ---D | M] (Easy DragToGo) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{21cfaec0-dbb3-11dc-95ff-0800200c9a66}
[2011/01/02 20:22:13 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2011/01/02 20:22:13 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/03/12 13:30:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/02 20:14:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/12 13:30:19 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2011/01/26 19:41:05 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/02/19 16:16:22 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\collector@broceliand.fr
[2011/01/02 20:22:13 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\smarterwiki@wikiatic.com
[2011/01/02 20:22:12 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\Rafał\AppData\Roaming\mozilla\Firefox\Profiles\i37tet0q.default\extensions\youtube2mp3@mondayx.de

O1 HOSTS File: ([2011/03/16 19:40:49 | 000,000,052 | RH-- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [YouCam Mirage] d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: viauc.dk ([print] http in Zaufane witryny)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.10.10.5 212.10.10.4
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - D:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell - "" = AutoRun
O33 - MountPoints2\{401a4442-0e92-11e0-a8df-ace28c6527f2}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011/03/16 19:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Graphisoft Shared
[2011/03/16 18:09:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/03/16 17:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/03/16 17:11:42 | 000,000,000 | ---D | C] -- C:\rsit
[2011/03/15 21:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/03/15 21:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphisoft
[2011/03/15 20:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2011/03/15 11:29:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
[2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\windows\XSxS
[2011/03/15 10:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2011/03/13 19:59:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Staircase Analisys
[2011/03/13 12:56:33 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Autodesk, Inc
[2011/03/11 15:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Avatar
[2011/03/11 15:06:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\CyberLink
[2011/03/11 14:52:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2011/03/11 13:26:23 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\CyberLink
[2011/03/10 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
[2011/03/10 09:59:43 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Files from Internet
[2011/03/10 09:56:53 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\My Files
[2011/03/10 09:06:32 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Lectures
[2011/03/06 15:12:46 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\Podatki
[2011/03/05 19:47:41 | 000,000,000 | ---D | C] -- C:\windows\System32\Wat
[2011/03/05 17:48:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Malwarebytes
[2011/03/05 17:48:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/03/05 17:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/05 17:47:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/03/03 23:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
[2011/03/03 23:49:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Adobe
[2011/03/03 23:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2011/03/03 23:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011/03/03 23:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/03/03 21:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edraw Max 5.2
[2011/03/03 20:24:08 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\3dsMax
[2011/03/03 18:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V-Ray for SketchUp
[2011/03/03 15:45:20 | 000,000,000 | ---D | C] -- C:\windows\System32\Adobe
[2011/03/03 14:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ASGVIS
[2011/03/03 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\Inventor
[2011/03/02 19:04:38 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\sdfgsdfg
[2011/03/01 21:18:07 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\FLVService
[2011/03/01 21:18:04 | 000,000,000 | ---D | C] -- C:\windows\Freecorder
[2011/02/27 10:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/02/19 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\The KMPlayer
[2011/02/19 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/02/10 13:33:04 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Desktop\1. Literature
[2011/01/30 11:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2011/01/30 11:33:49 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\HP
[2011/01/30 11:33:48 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\HP
[2011/01/30 11:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2011/01/30 11:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2011/01/30 11:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2011/01/30 11:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2011/01/30 11:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011/01/30 11:27:24 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2011/01/30 11:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\Users\Rafał\Documents\StarCraft II
[2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/01/23 17:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2011/01/20 21:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 7
[2011/01/20 21:50:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Roaming\Thinstall
[2011/01/20 21:50:00 | 000,000,000 | ---D | C] -- C:\Users\Rafał\AppData\Local\Thinstall
[2011/01/19 16:43:19 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\windows\System32\lameACM.acm
[2011/01/19 16:43:19 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\windows\System32\yv12vfw.dll
[2011/01/19 16:43:19 | 000,151,552 | ---- | C] (fccHandler) -- C:\windows\System32\ac3acm.acm

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011/03/16 20:30:42 | 006,553,600 | -HS- | M] () -- C:\Users\Rafał\NTUSER.DAT
[2011/03/16 20:17:13 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/16 20:17:13 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/16 20:08:56 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2011/03/16 20:08:39 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/03/16 20:08:34 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/16 19:40:49 | 000,000,052 | RH-- | M] () -- C:\windows\System32\drivers\etc\Hosts
[2011/03/16 19:29:39 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\Start ArchiCAD 14.lnk
[2011/03/16 19:27:47 | 000,020,082 | ---- | M] () -- C:\windows\vpd.properties
[2011/03/16 19:20:25 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\ArchiCAD 13.lnk
[2011/03/16 17:11:33 | 000,339,991 | ---- | M] () -- C:\Users\Rafał\Desktop\RSIT.exe
[2011/03/16 17:05:25 | 000,148,656 | ---- | M] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT
[2011/03/16 17:04:39 | 004,006,464 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/03/15 22:23:39 | 006,055,325 | -H-- | M] () -- C:\Users\Rafał\AppData\Local\IconCache.db
[2011/03/15 11:29:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rafał\Desktop\OTL.exe
[2011/03/15 10:54:02 | 000,000,545 | ---- | M] () -- C:\windows\win.ini
[2011/03/13 20:03:22 | 000,166,584 | ---- | M] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf
[2011/03/11 11:47:44 | 000,108,629 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg
[2011/03/11 11:17:47 | 000,047,161 | ---- | M] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf
[2011/03/10 13:55:06 | 001,654,586 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2011/03/10 13:55:06 | 000,734,536 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2011/03/10 13:55:06 | 000,653,898 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/03/10 13:55:06 | 000,148,904 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2011/03/10 13:55:06 | 000,121,090 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/03/10 11:39:20 | 000,049,849 | ---- | M] () -- C:\Users\Rafał\Desktop\310.dwg
[2011/03/09 20:45:15 | 003,733,661 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3
[2011/03/07 13:29:33 | 000,040,240 | ---- | M] () -- C:\Users\Rafał\Documents\3D 02.jpg
[2011/03/07 13:25:39 | 000,041,323 | ---- | M] () -- C:\Users\Rafał\Documents\3D 01.jpg
[2011/03/06 20:02:08 | 004,004,916 | ---- | M] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3
[2011/03/06 18:43:06 | 003,161,057 | ---- | M] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3
[2011/03/06 18:11:21 | 000,000,049 | ---- | M] () -- C:\windows\NeroDigital.ini
[2011/03/03 20:01:30 | 006,485,848 | ---- | M] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3
[2011/03/03 14:42:41 | 000,017,588 | ---- | M] () -- C:\windows\System32\drivers\etc\services
[2011/03/01 19:11:26 | 002,960,430 | ---- | M] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3
[2011/02/25 09:19:23 | 000,467,882 | ---- | M] () -- C:\Users\Rafał\Desktop\0 - 20.mp3
[2011/02/25 09:19:19 | 000,531,601 | ---- | M] () -- C:\Users\Rafał\Desktop\100 -1876.mp3
[2011/02/20 13:49:37 | 012,202,592 | ---- | M] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3
[2011/02/15 09:33:03 | 000,047,104 | ---- | M] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/14 12:13:03 | 000,040,602 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg
[2011/02/11 18:23:48 | 000,381,554 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Moed_Soerens.mp3
[2011/02/11 18:23:46 | 000,493,149 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion1 Moed Maria 2.mp3
[2011/02/11 18:23:45 | 000,439,232 | ---- | M] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Maria_og_Soeren.mp3
[2011/02/10 13:47:18 | 000,013,654 | ---- | M] () -- C:\Users\Rafał\Desktop\Semester_Schedule_4INT_SPRING 2011.pdf
[2011/02/04 16:24:01 | 003,889,142 | ---- | M] () -- C:\Users\Rafał\Desktop\Rihanna - S&M.mp3
[2011/02/04 15:30:06 | 003,530,115 | ---- | M] () -- C:\Users\Rafał\Desktop\Tiësto vs. Diplo feat. Busta Rhymes - C'mon (Catch 'Em By Surprise).mp3
[2011/02/02 21:54:05 | 000,023,713 | ---- | M] () -- C:\Users\Rafał\Desktop\2011-02-02.jpg
[2011/01/30 13:18:38 | 000,023,203 | ---- | M] () -- C:\windows\hpqins15.dat
[2011/01/30 11:33:44 | 000,211,070 | ---- | M] () -- C:\windows\hpoins18.dat
[2011/01/30 11:29:41 | 000,002,069 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/01/20 21:41:32 | 000,003,120 | ---- | M] () -- C:\windows\System32\ALLFSAF8a.ocx

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/03/16 19:29:39 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\Start ArchiCAD 14.lnk
[2011/03/16 19:20:25 | 000,000,858 | ---- | C] () -- C:\Users\Public\Desktop\ArchiCAD 13.lnk
[2011/03/16 17:11:32 | 000,339,991 | ---- | C] () -- C:\Users\Rafał\Desktop\RSIT.exe
[2011/03/15 21:29:11 | 000,020,082 | ---- | C] () -- C:\windows\vpd.properties
[2011/03/15 20:13:35 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2011/03/15 20:13:35 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2011/03/13 20:03:20 | 000,166,584 | ---- | C] () -- C:\Users\Rafał\Desktop\trappe_1-2.pdf
[2011/03/11 11:34:37 | 000,108,629 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_LIFT.dwg
[2011/03/11 11:17:47 | 000,047,161 | ---- | C] () -- C:\Users\Rafał\Desktop\KONE_Home_415_CAD_2011-03-11.pdf
[2011/03/10 11:39:20 | 000,049,849 | ---- | C] () -- C:\Users\Rafał\Desktop\310.dwg
[2011/03/09 20:42:03 | 003,733,661 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - One Night Only.mp3
[2011/03/07 13:29:33 | 000,040,240 | ---- | C] () -- C:\Users\Rafał\Documents\3D 02.jpg
[2011/03/07 13:25:39 | 000,041,323 | ---- | C] () -- C:\Users\Rafał\Documents\3D 01.jpg
[2011/03/06 19:58:48 | 004,004,916 | ---- | C] () -- C:\Users\Rafał\Desktop\A Perfect Circle - Passive.mp3
[2011/03/06 18:40:24 | 003,161,057 | ---- | C] () -- C:\Users\Rafał\Desktop\Nicole Scherzinger - Don't Hold Your Breath.mp3
[2011/03/03 23:45:29 | 000,000,986 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk
[2011/03/03 23:44:35 | 000,000,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
[2011/03/03 23:43:32 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk
[2011/03/03 23:42:51 | 000,002,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk
[2011/03/03 23:42:08 | 000,000,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
[2011/03/03 23:41:04 | 000,000,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
[2011/03/03 23:40:46 | 000,001,365 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
[2011/03/03 23:24:42 | 000,000,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2011/03/03 23:23:48 | 000,000,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2011/03/03 23:23:26 | 000,000,989 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2011/03/03 23:21:58 | 000,001,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2011/03/03 23:21:45 | 000,001,477 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2011/03/03 23:21:00 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011/03/03 20:01:12 | 006,485,848 | ---- | C] () -- C:\Users\Rafał\Desktop\Lil Wayne - 6'7'.mp3
[2011/03/01 19:11:11 | 002,960,430 | ---- | C] () -- C:\Users\Rafał\Desktop\David Guetta feat. Rihanna - Who’s That Chick.mp3
[2011/03/01 11:45:52 | 012,202,592 | ---- | C] () -- C:\Users\Rafał\Desktop\03 Blue Foundation - Eyes On Fire.mp3
[2011/02/25 09:19:23 | 000,467,882 | ---- | C] () -- C:\Users\Rafał\Desktop\0 - 20.mp3
[2011/02/25 09:19:18 | 000,531,601 | ---- | C] () -- C:\Users\Rafał\Desktop\100 -1876.mp3
[2011/02/14 12:13:03 | 000,040,602 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-14_121301.jpg
[2011/02/11 18:23:44 | 000,493,149 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion1 Moed Maria 2.mp3
[2011/02/11 18:23:43 | 000,439,232 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Maria_og_Soeren.mp3
[2011/02/11 18:23:30 | 000,381,554 | ---- | C] () -- C:\Users\Rafał\Desktop\Lektion_1_TekstogDialog_Moed_Soerens.mp3
[2011/02/10 13:47:18 | 000,013,654 | ---- | C] () -- C:\Users\Rafał\Desktop\Semester_Schedule_4INT_SPRING 2011.pdf
[2011/02/04 16:20:41 | 003,889,142 | ---- | C] () -- C:\Users\Rafał\Desktop\Rihanna - S&M.mp3
[2011/02/04 15:27:09 | 003,530,115 | ---- | C] () -- C:\Users\Rafał\Desktop\Tiësto vs. Diplo feat. Busta Rhymes - C'mon (Catch 'Em By Surprise).mp3
[2011/02/02 21:54:05 | 000,023,713 | ---- | C] () -- C:\Users\Rafał\Desktop\2011-02-02.jpg
[2011/01/30 13:14:56 | 000,023,203 | ---- | C] () -- C:\windows\hpqins15.dat
[2011/01/30 11:31:06 | 000,001,018 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja programu I.R.I.S. OCR.lnk
[2011/01/30 11:29:41 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/01/30 11:26:48 | 000,211,070 | ---- | C] () -- C:\windows\hpoins18.dat
[2011/01/30 11:26:48 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat
[2011/01/20 21:41:32 | 000,003,120 | ---- | C] () -- C:\windows\System32\ALLFSAF8a.ocx
[2011/01/19 16:43:20 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2011/01/19 16:43:19 | 000,000,414 | ---- | C] () -- C:\windows\System32\lame_acm.xml
[2011/01/19 16:43:18 | 000,183,808 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2011/01/19 16:43:18 | 000,080,896 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2011/01/19 16:43:18 | 000,000,590 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2011/01/12 19:24:23 | 000,000,152 | ---- | C] () -- C:\windows\Aslan.INI
[2010/12/19 19:10:52 | 000,000,049 | ---- | C] () -- C:\windows\NeroDigital.ini
[2010/12/19 11:25:44 | 000,000,048 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010/12/05 14:10:28 | 000,000,001 | ---- | C] () -- C:\windows\System32\SI.bin
[2010/09/04 17:47:43 | 000,087,552 | ---- | C] () -- C:\windows\System32\cpwmon2k.dll
[2010/07/31 21:40:41 | 000,066,872 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe
[2010/07/31 21:40:40 | 000,138,184 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2010/07/31 21:40:36 | 000,183,112 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe
[2010/03/01 17:50:08 | 000,000,145 | ---- | C] () -- C:\windows\splendor.ini
[2010/03/01 17:46:03 | 000,284,160 | ---- | C] () -- C:\windows\unin0415.exe
[2009/12/23 13:51:46 | 002,392,064 | ---- | C] () -- C:\windows\System32\videotrans.dll
[2009/12/23 13:51:46 | 000,215,040 | ---- | C] () -- C:\windows\System32\videoformat.dll
[2009/12/23 13:51:46 | 000,017,920 | ---- | C] () -- C:\windows\System32\videocore.dll
[2009/12/23 13:51:45 | 000,061,440 | ---- | C] () -- C:\windows\System32\imgscaler.dll
[2009/12/23 13:51:45 | 000,022,016 | ---- | C] () -- C:\windows\System32\img_utils.dll
[2009/12/23 13:51:43 | 000,128,512 | ---- | C] () -- C:\windows\System32\xvid.dll
[2009/12/21 18:03:39 | 000,210,032 | ---- | C] () -- C:\windows\System32\DBCLIENT.DLL
[2009/11/03 19:08:37 | 000,047,104 | ---- | C] () -- C:\Users\Rafał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/31 14:55:27 | 000,138,056 | ---- | C] () -- C:\Users\Rafał\AppData\Roaming\PnkBstrK.sys
[2009/10/31 14:55:10 | 002,250,024 | ---- | C] () -- C:\windows\System32\pbsvc.exe
[2009/10/31 12:05:27 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll
[2009/10/30 13:54:16 | 006,055,325 | -H-- | C] () -- C:\Users\Rafał\AppData\Local\IconCache.db
[2009/10/30 13:50:28 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2009/10/30 13:43:20 | 000,148,656 | ---- | C] () -- C:\Users\Rafał\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/30 13:37:20 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/09/28 19:14:04 | 000,734,536 | ---- | C] () -- C:\windows\System32\perfh015.dat
[2009/09/28 19:14:04 | 000,337,158 | ---- | C] () -- C:\windows\System32\perfi015.dat
[2009/09/28 19:14:04 | 000,148,904 | ---- | C] () -- C:\windows\System32\perfc015.dat
[2009/09/28 19:14:04 | 000,038,710 | ---- | C] () -- C:\windows\System32\perfd015.dat
[2009/09/28 19:00:26 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe
[2009/09/28 19:00:26 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe
[2009/09/28 18:28:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/09/28 09:22:00 | 000,315,392 | ---- | C] () -- C:\windows\System32\drivers\yk62x86.sys
[2009/09/28 03:11:13 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2009/09/28 02:42:20 | 000,311,296 | ---- | C] () -- C:\windows\System32\Rezip.exe
[2009/07/26 21:06:02 | 001,654,586 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 05:33:53 | 004,006,464 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,653,898 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,090 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 03:04:57 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini
[2009/07/14 03:04:23 | 000,000,545 | ---- | C] () -- C:\windows\win.ini
[2009/07/14 03:04:23 | 000,000,219 | ---- | C] () -- C:\windows\system.ini
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2009/07/13 22:41:56 | 000,053,552 | ---- | C] () -- C:\windows\System32\dosx.exe
[2009/07/13 22:41:05 | 000,000,718 | ---- | C] () -- C:\windows\System32\mscdexnt.exe
[2009/07/13 22:41:04 | 000,002,842 | ---- | C] () -- C:\windows\System32\redir.exe
[2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\share.exe
[2009/07/13 22:41:02 | 000,000,882 | ---- | C] () -- C:\windows\System32\fastopen.exe
[2009/07/13 22:41:01 | 000,019,694 | ---- | C] () -- C:\windows\System32\GRAPHICS.COM
[2009/07/13 22:40:59 | 000,014,710 | ---- | C] () -- C:\windows\System32\KB16.COM
[2009/07/13 22:40:57 | 000,007,052 | ---- | C] () -- C:\windows\System32\nlsfunc.exe
[2009/07/13 22:40:57 | 000,001,131 | ---- | C] () -- C:\windows\System32\LOADFIX.COM
[2009/07/13 22:40:56 | 000,039,274 | ---- | C] () -- C:\windows\System32\mem.exe
[2009/07/13 22:40:54 | 000,011,753 | ---- | C] () -- C:\windows\System32\setver.exe
[2009/07/13 22:40:52 | 000,020,634 | ---- | C] () -- C:\windows\System32\debug.exe
[2009/07/13 22:40:51 | 000,008,424 | ---- | C] () -- C:\windows\System32\exe2bin.exe
[2009/07/13 22:40:50 | 000,012,642 | ---- | C] () -- C:\windows\System32\edlin.exe
[2009/07/13 22:40:49 | 000,012,498 | ---- | C] () -- C:\windows\System32\append.exe
[2009/07/13 22:40:48 | 000,050,648 | ---- | C] () -- C:\windows\System32\COMMAND.COM
[2009/07/13 22:40:44 | 000,027,097 | ---- | C] () -- C:\windows\System32\country.sys
[2009/07/13 22:40:43 | 000,042,809 | ---- | C] () -- C:\windows\System32\KEY01.SYS
[2009/07/13 22:40:43 | 000,042,537 | ---- | C] () -- C:\windows\System32\KEYBOARD.SYS
[2009/07/13 22:40:41 | 000,009,029 | ---- | C] () -- C:\windows\System32\ANSI.SYS
[2009/07/13 22:40:40 | 000,004,768 | ---- | C] () -- C:\windows\System32\HIMEM.SYS
[2009/07/13 22:40:39 | 000,029,274 | ---- | C] () -- C:\windows\System32\NTDOS412.SYS
[2009/07/13 22:40:35 | 000,029,370 | ---- | C] () -- C:\windows\System32\NTDOS411.SYS
[2009/07/13 22:40:31 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS404.SYS
[2009/07/13 22:40:27 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS804.SYS
[2009/07/13 22:40:23 | 000,027,866 | ---- | C] () -- C:\windows\System32\NTDOS.SYS
[2009/07/13 22:40:19 | 000,035,536 | ---- | C] () -- C:\windows\System32\NTIO412.SYS
[2009/07/13 22:40:17 | 000,035,776 | ---- | C] () -- C:\windows\System32\NTIO411.SYS
[2009/07/13 22:40:15 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO404.SYS
[2009/07/13 22:40:13 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO804.SYS
[2009/07/13 22:40:11 | 000,033,952 | ---- | C] () -- C:\windows\System32\NTIO.SYS
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\System32\msjetoledb40.dll
[2009/07/13 21:29:46 | 000,013,312 | ---- | C] () -- C:\windows\System32\win87em.dll
[2009/06/18 19:29:04 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2009/06/10 22:42:32 | 000,069,886 | ---- | C] () -- C:\windows\System32\edit.com
[2009/06/10 22:39:59 | 000,060,124 | ---- | C] () -- C:\windows\System32\tcpmon.ini
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009/04/22 00:19:06 | 000,172,173 | ---- | C] () -- C:\windows\System32\xlive.dll.cat

[color=#E56717]========== LOP Check ==========[/color]

[2010/06/28 09:55:22 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\AnvSoft
[2010/07/10 17:19:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Ashampoo
[2011/03/03 20:24:07 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Autodesk
[2010/12/18 21:35:13 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\BatteryCare
[2009/12/06 14:51:50 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\DAEMON Tools Lite
[2011/03/16 20:11:11 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Dropbox
[2010/12/05 19:28:57 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Efficient Sticky Notes
[2011/01/14 11:13:19 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\EuroTalk
[2010/01/01 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu
[2010/01/01 13:33:55 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gadu-Gadu 10
[2010/07/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Gmail Notifier Plus
[2010/01/09 15:58:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\ipla
[2009/10/31 12:42:42 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Leadertech
[2009/11/02 11:51:06 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu
[2009/11/02 12:42:14 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\OpenFM
[2010/06/24 11:48:32 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\PC Suite
[2010/06/30 21:17:58 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\r2 Studios
[2009/10/31 14:47:31 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Red Alert 3
[2010/11/29 13:34:37 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Stardock
[2011/01/20 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thinstall
[2010/02/27 14:44:05 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Thunderbird
[2011/03/15 22:07:33 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\uTorrent
[2010/11/22 10:53:45 | 000,000,000 | ---D | M] -- C:\Users\Rafał\AppData\Roaming\Xerox
[2011/03/16 20:08:56 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/03/16 20:08:34 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/23 22:13:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/03/16 20:08:37 | 3215,577,088 | -HS- | M] () -- C:\pagefile.sys
[2009/09/28 02:37:48 | 000,002,003 | ---- | M] () -- C:\RHDSetup.log
[2009/09/28 03:09:41 | 000,000,166 | ---- | M] () -- C:\Setup.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< End of report >
[/log]
[log]OTL Extras logfile created on: 3/16/2011 8:28:03 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rafał\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 45.28 Gb Total Space | 9.49 Gb Free Space | 20.95% Space Free | Partition Type: NTFS
Drive D: | 237.71 Gb Total Space | 24.39 Gb Free Space | 10.26% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK | User Name: Rafał | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Program Files\Adobe\Photoshop\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002DD827-7FAC-A09F-7382-BCF61E6744C8}" = CCC Help Portuguese
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0C255F02-22AF-F50B-E945-B8D763E1A077}" = CCC Help Greek
"{0C5F09B4-5C7A-6F41-89F4-65B419A639B9}" = CCC Help Chinese Standard
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{180641E1-F6C2-6053-1022-78B9C49D173D}" = CCC Help Finnish
"{18A2FD82-910A-0208-3AE1-169E92F2AFA4}" = CCC Help Dutch
"{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2822F016-69E9-A368-B612-685CCF4A9B83}" = CCC Help English
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A07F8DD-96E5-8A5D-3C6A-D60F38D1F34B}" = CCC Help Turkish
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2D397BD2-ED49-F9B9-4F65-D60D00AD6C5F}" = CCC Help Norwegian
"{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30C4566A-85AC-1713-71B2-3BE50C7146F8}" = CCC Help Thai
"{3380D2BE-EAE4-034C-1096-3CA28F82A2F9}" = CCC Help French
"{3920C82C-C03F-0D90-8009-CBFD8CF0214B}" = ccc-utility
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3EB37B26-432C-467C-9FBC-9BDA0E6FBDD7}" = Catalyst Control Center InstallProxy
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4037A2B9-A976-4538-8B08-A0D95B637F35}" = C5100
"{4067974F-F2E5-5893-E7A3-10C345089305}" = CCC Help Polish
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{4177BBB8-D654-4364-A898-BA00A68D7897}" = CCC Help Swedish
"{41CD70E9-E193-8358-A837-A3A900565840}" = CCC Help Russian
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44B4C2E3-D570-16B4-8CED-3D83AAF5D6F7}" = Catalyst Control Center Localization All
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{473937BF-F1ED-764D-01A8-12A672DED3E0}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4ac40384-37ba-421c-b14c-2ecbe4403817}" = Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007
"{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23}" = Autodesk Revit Architecture 2011
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4ECC1D06-672F-2935-E570-CA2D210AE0CE}" = Catalyst Control Center InstallProxy
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5783F2D7-9001-0409-0002-0060B0CE6BBA}" = AutoCAD 2011 - English
"{5783F2D7-9001-0409-1002-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - English
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{6053FE9B-5473-41D6-AEBF-AD6F98138191}" = Windows Live Movie Maker
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6406E3EA-9777-45B7-A0C0-89741E629352}" = Composite 2011
"{67574624-BF0F-0409-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-bit
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Twierdza Krzyżowiec
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8D7CCD59-BEBB-57D4-23EC-B9A9DB173EAA}" = Catalyst Control Center Graphics Previews Vista
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8EE4C584-C82E-9BE3-41C1-BC2A53774DE6}" = CCC Help Korean
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{94A4609B-0414-4427-81F3-0FD282A2D0D3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90120000-00B1-0409-0000-0000000FF1CE}" = Microsoft Save as XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{72776234-19F1-4688-9312-85FAF07143F4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{940C416E-1BE6-58C0-949E-1A588349B0C7}" = CCC Help Hungarian
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live
"{99F80251-DAE8-0409-BD08-DCBBEF56B8CB}" = Autodesk 3ds Max 2011 32-bit Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB614A6-719C-4A6E-A63E-831E0A35F62A}" = Windows Live Writer
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}" = Galeria fotografii usługi Windows Live
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A1802E07-1CC7-4CD1-AFBF-E2CC94B99046}" = Crypt4Free
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2F34AF5-E329-444C-BD1B-137637AB23AD}" = BatteryCare
"{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Składniki łączności pakietu Microsoft Office Small Business
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B15A87DC-46AC-D726-E2F5-06A3D5F35C06}" = ATI Catalyst Install Manager
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager
"{B7D833B7-915D-C859-D7A6-3639423E878C}" = CCC Help Danish
"{B9F76257-02B5-EB70-2A72-6D56C9359985}" = CCC Help Italian
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB778F28-FD55-C8FD-8E0B-482814C05D6B}" = CCC Help Chinese Traditional
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF076135-7D69-3255-D72B-487E67146727}" = CCC Help Japanese
"{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CA9483A2-742A-4A72-881D-B81C6B1ACB3E}" = Google SketchUp Pro 7
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB829D09-6426-F17D-C95D-303A6613A190}" = ccc-core-static
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{D1399216-81B2-457C-A0F7-73B9A2EF6902}" = PDFill PDF Editor with FREE Writer and FREE Tools
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A5844F-80CB-665D-0AF9-9D712F4E6238}" = CCC Help German
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software
"{F88335A8-CA7B-41DE-B37D-81306C73B507}" = Bezpieczeństwo rodzinne usługi Windows Live
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F958FF6B-B2B8-03F6-B56D-7D5E04768AA8}" = CCC Help Czech
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"001FFF1FFF13FF00FF0701F00F02F000-R1" = ArchiCAD 13 INT
"001FFF1FFF14FF00FF0701F01F02F000-R1" = ArchiCAD 14 INT
"048FFFFFFF13FF00FF0701F00F02F000-R1" = ArchiCAD Essentials Interactive Training Guide
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5e6c9151" = Contextual Tool Yourprofitclub
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Akamai" = Akamai NetSession Interface
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1
"Audacity_is1" = Audacity 1.2.6
"AutoCAD 2011 - English" = AutoCAD 2011 - English
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Autodesk Revit Architecture 2011" = Autodesk Revit Architecture 2011
"Autodesk Revit Architecture 2011 SP2" = Autodesk Revit Architecture 2011 x86 Update 2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Be06v4" = Be06v4
"Business Contact Manager" = Business Contact Manager z dodatkiem SP1 dla programu Outlook 2007
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Edraw Max_is1" = Edraw Max 5.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FastStone Capture" = FastStone Capture 5.3
"Fences" = Fences
"Gadu-Gadu 10" = Gadu-Gadu 10
"HDD Health_is1" = HDD Health v3.3 Beta
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.8.0 (Full)
"Magic ISO Maker v5.5 (build 0265)" = Magic ISO Maker v5.5 (build 0265)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1)
"NapiProjekt_is1" = NapiProjekt 1.0.6.5
"Picasa 3" = Picasa 3
"Polskie Normy i prawo budowlane_is1" = Polskie Normy i prawo budowlane
"RealAlt_is1" = Real Alternative 2.0.1
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.20
"ST6UNST #1" = EngiLab Beam.2D ML v1.20
"StarCraft II" = StarCraft II
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual DJ 5.2 (Crack v2)" = Virtual DJ 5.2 (Crack v2)
"V-Ray for SketchUp 1.48.89" = V-Ray for SketchUp
"WheelMouse" = 2X-Office 7.80
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 4.84
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 4 Free 4.92

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BankBrowser" = BankBrowser
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 3/6/2011 5:31:15 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/7/2011 3:28:33 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/7/2011 7:56:59 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/7/2011 9:20:06 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/7/2011 4:44:01 PM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/8/2011 3:06:57 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/8/2011 3:36:23 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/9/2011 11:28:03 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/10/2011 3:27:16 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

Error - 3/10/2011 11:40:58 AM | Computer Name = Notebook | Source = Schedule | ID = 0
Description =

[ OSession Events ]
Error - 10/8/2010 3:41:09 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 33
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/8/2010 8:35:05 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 114
seconds with 60 seconds of active time. This session ended with a crash.

Error - 10/8/2010 8:35:43 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 30
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/9/2011 9:01:24 AM | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 3/16/2011 1:09:12 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7034
Description = Usługa AMD External Events Utility niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 3/16/2011 1:10:07 PM | Computer Name = Notebook | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 3/16/2011 1:10:07 PM | Computer Name = Notebook | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/16/2011 1:10:13 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Usługa SBSD Security Center Service zależy od usługi Centrum zabezpieczeń,
której nie można uruchomić z powodu następującego błędu: %%1058

Error - 3/16/2011 3:01:17 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7034
Description = Usługa AMD External Events Utility niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 3/16/2011 3:08:54 PM | Computer Name = Notebook | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 20:00:58 na ?2011-?03-?16 było
nieoczekiwane.

Error - 3/16/2011 3:08:40 PM | Computer Name = Notebook | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 3/16/2011 3:08:40 PM | Computer Name = Notebook | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/16/2011 3:08:58 PM | Computer Name = Notebook | Source = Service Control Manager | ID = 7001
Description = Usługa SBSD Security Center Service zależy od usługi Centrum zabezpieczeń,
której nie można uruchomić z powodu następującego błędu: %%1058

Error - 3/16/2011 3:10:54 PM | Computer Name = Notebook | Source = DCOM | ID = 10010
Description =


< End of report >
[/log]
nowe RSIT
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Rafał at 2011-03-16 20:28:23
Microsoft Windows 7 Home Premium
System drive C: has 10 GB (21%) free of 46 GB
Total RAM: 3067 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:29, on 2011-03-16
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Rafał\Desktop\Programy\Gmail Notifier Plus.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Rafał\Desktop\OTL.exe
C:\Users\Rafał\Desktop\RSIT.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Rafał.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [YouCam Mirage] "d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O15 - Trusted Zone: http://print.viauc.dk
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit (mi-raysat_3dsmax2011_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys
O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 10967 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Users\Rafał\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-19 7711264]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-15 1541416]
"StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2009-03-08 73728]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2008-03-06 241664]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"YouCam Mirage"=d:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe [2010-08-20 136488]
"YouCam Tray"=d:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe [2011-01-19 162912]
"Adobe Acrobat Speed Launcher"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760]
"Acrobat Assistant 8.0"=D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"Google Update"=C:\Users\Rafał\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 136176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Rafał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Rafał\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-03-16 19:17:27 ----D---- C:\Program Files\Common Files\Graphisoft Shared
2011-03-16 18:09:11 ----D---- C:\_OTL
2011-03-16 17:11:42 ----D---- C:\rsit
2011-03-16 17:11:42 ----D---- C:\Program Files\trend micro
2011-03-15 10:51:46 ----D---- C:\windows\XSxS
2011-03-15 10:51:46 ----D---- C:\Program Files\Xenocode
2011-03-05 19:47:41 ----D---- C:\windows\system32\Wat
2011-03-05 19:42:27 ----A---- C:\windows\system32\drivers\sffp_sd.sys
2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\usbvideo.sys
2011-03-05 19:42:24 ----A---- C:\windows\system32\drivers\ks.sys
2011-03-05 19:42:21 ----A---- C:\windows\system32\wcncsvc.dll
2011-03-05 19:42:14 ----A---- C:\windows\system32\mshtml.dll
2011-03-05 19:42:10 ----A---- C:\windows\system32\iertutil.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\mstime.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeedsbs.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\msfeeds.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\licmgr10.dll
2011-03-05 19:42:09 ----A---- C:\windows\system32\iedkcs32.dll
2011-03-05 19:42:08 ----A---- C:\windows\system32\mshtmled.dll
2011-03-05 19:42:08 ----A---- C:\windows\system32\msfeedssync.exe
2011-03-05 19:42:08 ----A---- C:\windows\system32\iepeers.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\mf.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\FntCache.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\DWrite.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\d3d10warp.dll
2011-03-05 19:41:46 ----A---- C:\windows\system32\d2d1.dll
2011-03-05 19:41:45 ----A---- C:\windows\system32\WMVDECOD.DLL
2011-03-05 19:41:45 ----A---- C:\windows\system32\mfreadwrite.dll
2011-03-05 19:41:45 ----A---- C:\windows\system32\ExplorerFrame.dll
2011-03-05 19:41:45 ----A---- C:\windows\system32\d3d10_1core.dll
2011-03-05 19:41:44 ----A---- C:\windows\system32\XpsRasterService.dll
2011-03-05 19:41:43 ----A---- C:\windows\system32\upnp.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\wininet.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\urlmon.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\msxml6.dll
2011-03-05 19:41:42 ----A---- C:\windows\system32\ieframe.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\wscsvc.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\wscapi.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\winhttp.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\WebClnt.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\slwga.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\msxml3.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\jsproxy.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\ieui.dll
2011-03-05 19:41:41 ----A---- C:\windows\system32\davclnt.dll
2011-03-05 19:41:37 ----A---- C:\windows\system32\tzres.dll
2011-03-05 19:41:33 ----A---- C:\windows\system32\ntoskrnl.exe
2011-03-05 19:41:33 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-03-05 19:41:33 ----A---- C:\windows\system32\ntdll.dll
2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc_isv.dll
2011-03-05 19:41:32 ----A---- C:\windows\system32\secproc.dll
2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2011-03-05 19:41:31 ----A---- C:\windows\system32\secproc_ssp.dll
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_ssp.exe
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate_isv.exe
2011-03-05 19:41:31 ----A---- C:\windows\system32\RMActivate.exe
2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsPrint.dll
2011-03-05 19:41:30 ----A---- C:\windows\system32\XpsGdiConverter.dll
2011-03-05 19:41:29 ----A---- C:\windows\system32\odbc32.dll
2011-03-05 19:41:29 ----A---- C:\windows\system32\kerberos.dll
2011-03-05 19:41:28 ----A---- C:\windows\system32\consent.exe
2011-03-05 19:41:27 ----A---- C:\windows\system32\wmicmiplugin.dll
2011-03-05 19:41:27 ----A---- C:\windows\system32\taskschd.dll
2011-03-05 19:41:27 ----A---- C:\windows\system32\taskeng.exe
2011-03-05 19:41:27 ----A---- C:\windows\system32\taskcomp.dll
2011-03-05 19:41:27 ----A---- C:\windows\system32\schtasks.exe
2011-03-05 19:41:27 ----A---- C:\windows\system32\schedsvc.dll
2011-03-05 19:41:26 ----A---- C:\windows\system32\oleaut32.dll
2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\fvevol.sys
2011-03-05 19:41:26 ----A---- C:\windows\system32\drivers\Diskdump.sys
2011-03-05 19:41:25 ----A---- C:\windows\system32\win32k.sys
2011-03-05 19:41:24 ----A---- C:\windows\system32\webio.dll
2011-03-05 19:41:24 ----A---- C:\windows\system32\atmlib.dll
2011-03-05 19:41:24 ----A---- C:\windows\system32\atmfd.dll
2011-03-05 19:41:22 ----A---- C:\windows\system32\CPFilters.dll
2011-03-05 19:41:21 ----A---- C:\windows\system32\psisdecd.dll
2011-03-05 19:41:21 ----A---- C:\windows\system32\msdri.dll
2011-03-05 19:41:19 ----A---- C:\windows\system32\vbscript.dll
2011-03-05 19:41:19 ----A---- C:\windows\system32\jscript.dll
2011-03-05 19:40:49 ----A---- C:\windows\system32\d3d10_1.dll
2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2011-03-05 19:39:28 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2011-03-05 19:39:28 ----A---- C:\windows\system32\cdd.dll
2011-03-05 17:48:07 ----D---- C:\Users\Rafał\AppData\Roaming\Malwarebytes
2011-03-05 17:48:02 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2011-03-05 17:48:00 ----D---- C:\ProgramData\Malwarebytes
2011-03-05 17:47:57 ----A---- C:\windows\system32\drivers\mbam.sys
2011-03-03 23:25:44 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-03-03 23:22:22 ----D---- C:\Program Files\Adobe Media Player
2011-03-03 23:20:58 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-03-03 15:45:20 ----D---- C:\windows\system32\Adobe
2011-03-03 14:48:13 ----D---- C:\ProgramData\ASGVIS
2011-03-01 21:18:04 ----D---- C:\windows\Freecorder
2011-02-27 10:38:58 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2011-03-16 20:11:25 ----D---- C:\windows\Temp
2011-03-16 20:11:25 ----D---- C:\Users\Rafał\AppData\Roaming\Skype
2011-03-16 20:11:11 ----D---- C:\Users\Rafał\AppData\Roaming\Dropbox
2011-03-16 20:08:58 ----D---- C:\Program Files\Common Files\Akamai
2011-03-16 20:01:19 ----D---- C:\windows\Tasks
2011-03-16 19:27:47 ----D---- C:\Windows
2011-03-16 19:17:27 ----D---- C:\Program Files\Common Files
2011-03-16 19:12:44 ----SHD---- C:\windows\Installer
2011-03-16 19:12:44 ----HD---- C:\Config.Msi
2011-03-16 18:09:14 ----D---- C:\windows\System32
2011-03-16 17:11:42 ----RD---- C:\Program Files
2011-03-16 17:06:17 ----D---- C:\Users\Rafał\AppData\Roaming\skypePM
2011-03-15 22:07:33 ----D---- C:\Users\Rafał\AppData\Roaming\uTorrent
2011-03-15 21:30:24 ----D---- C:\Program Files\Internet Explorer
2011-03-15 21:30:02 ----D---- C:\Program Files\Common Files\Apple
2011-03-15 20:17:54 ----D---- C:\Program Files\Adobe
2011-03-15 20:14:23 ----D---- C:\Program Files\Common Files\Adobe
2011-03-15 20:14:11 ----D---- C:\windows\system32\DriverStore
2011-03-15 20:14:11 ----D---- C:\windows\inf
2011-03-15 20:11:41 ----RSD---- C:\windows\Fonts
2011-03-15 10:54:02 ----D---- C:\ProgramData\Microsoft Help
2011-03-15 10:54:02 ----A---- C:\windows\win.ini
2011-03-15 08:32:20 ----D---- C:\windows\system32\NDF
2011-03-12 23:12:23 ----D---- C:\windows\system32\drivers
2011-03-12 23:12:23 ----D---- C:\windows\ShellNew
2011-03-12 16:44:01 ----SHD---- C:\System Volume Information
2011-03-11 14:53:39 ----D---- C:\windows\system32\catroot
2011-03-11 14:53:36 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-11 14:53:08 ----AD---- C:\ProgramData\Temp
2011-03-11 14:35:54 ----D---- C:\ProgramData\CyberLink
2011-03-11 14:12:03 ----D---- C:\Program Files\CyberLink
2011-03-11 13:26:22 ----D---- C:\Users\Rafał\AppData\Roaming\CyberLink
2011-03-10 13:55:06 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-03-10 09:53:05 ----SD---- C:\Users\Rafał\AppData\Roaming\Microsoft
2011-03-07 22:10:32 ----D---- C:\windows\system32\wdi
2011-03-06 18:11:21 ----A---- C:\windows\NeroDigital.ini
2011-03-05 20:25:24 ----D---- C:\windows\Microsoft.NET
2011-03-05 20:24:34 ----RSD---- C:\windows\assembly
2011-03-05 19:53:24 ----D---- C:\windows\system32\config
2011-03-05 19:49:55 ----D---- C:\windows\winsxs
2011-03-05 19:47:44 ----D---- C:\windows\system32\pl-PL
2011-03-05 19:47:44 ----D---- C:\windows\ehome
2011-03-05 19:47:44 ----D---- C:\Program Files\Windows Mail
2011-03-05 19:47:43 ----D---- C:\windows\AppPatch
2011-03-05 19:47:42 ----D---- C:\windows\system32\migration
2011-03-05 19:42:27 ----D---- C:\windows\system32\catroot2
2011-03-05 18:12:07 ----D---- C:\windows\Prefetch
2011-03-05 17:48:00 ----HD---- C:\ProgramData
2011-03-05 17:42:25 ----D---- C:\windows\system32\drivers\etc
2011-03-05 17:37:15 ----D---- C:\windows\system32\Tasks
2011-03-03 23:49:18 ----D---- C:\Users\Rafał\AppData\Roaming\Adobe
2011-03-03 23:47:57 ----D---- C:\ProgramData\FLEXnet
2011-03-03 23:45:32 ----D---- C:\ProgramData\Adobe
2011-03-03 23:34:20 ----D---- C:\Users\Rafał\AppData\Roaming\WinRAR
2011-03-03 20:24:07 ----D---- C:\Users\Rafał\AppData\Roaming\Autodesk
2011-03-03 20:24:07 ----D---- C:\ProgramData\Autodesk
2011-03-03 14:44:09 ----D---- C:\Program Files\Autodesk
2011-03-03 14:09:16 ----D---- C:\windows\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\windows\system32\DRIVERS\Amfilter.sys [2007-01-25 8704]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2010-12-22 135096]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-09-16 214664]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2010-12-04 61960]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2010-08-20 27632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-08-19 2752352]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 rtl819xp;Sterownik bezprzewodowej karty sieci LAN PCI NIC NT (Mini-) Realtek RTL8190/RTL8192E 802.11n; C:\windows\system32\DRIVERS\rtl819xp.sys [2010-02-01 557088]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-15 212656]
R3 VMC326;Vimicro Camera Service VMC326; C:\windows\System32\Drivers\VMC326.sys [2009-08-10 237696]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-21 1161760]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\windows\system32\DRIVERS\Amusbprt.sys [2007-12-26 14336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2009-09-16 79816]
S3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2009-09-16 35272]
S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2009-09-16 40552]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Sterownik skanera USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-28 14336]
R2 Akamai;Akamai NetSession Interface; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-12 267944]
R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit; D:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys [2010-11-01 532480]
R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 yksvc;Marvell Yukon Service; C:\windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 20992]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-04 136176]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-05 1322648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-26 1045256]
S3 fsssvc;Funkcja Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\windows\System32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-05 1343400]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Podmieniłbym na Twoim miejscu C:\Windows\System32\rundll32.exe z płytki. Bo jak mówiłem jest dla mnie podejrzany.

Nic tu specjalnego nie widać :)

W OTL wciśnij CleanUp.

raasky
komentarz
komentarz

pliki systemowe podmieniłem z płytki recovery, wszystko śmiga jak należy, a co to były te chińskie znaczki?
bardzo dziękuję za pomoc! :)

Tomek01
komentarz
komentarz

Zabezpiecz się jeszcze przed intruzami,
Użyj [url="http://www.dobreprogramy.pl/Windows-Worms-Doors-Cleaner,Program,Windows,11744.html"][b][color="#0000FF"]WWDC[/color][/b][/url], pozamykaj robaczywe porty. Tak aby znaczki były na zielono (dopuszczalny jest jeden żółty).

Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.