Zamotasupuany utworzono 24 lipca 2011 utworzono 24 lipca 2011 (edytowane) Witam. Od pewnego czasu komp wyraźnie zwolnił. Dość często pojawia się komunikat "program nie odpowiada" - trwa to do 30 sekund i wraca do normy. Generalnie coś mu jest. Z góry dzięki za rzucenie okiem na logi OTL [log]OTL logfile created on: 2011-07-24 14:42:52 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Zamotasupuany\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 55,19% Memory free 6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 254,15 Gb Total Space | 105,75 Gb Free Space | 41,61% Space Free | Partition Type: NTFS Drive D: | 29,19 Gb Total Space | 27,19 Gb Free Space | 93,16% Space Free | Partition Type: NTFS Computer Name: ZAMOTASUPUANYPC | User Name: Zamotasupuany | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\OTL.exe PRC - [2011-06-30 10:37:27 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2011-06-30 10:37:05 | 002,554,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2011-06-28 16:56:02 | 000,484,008 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe PRC - [2011-06-28 16:56:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011-06-26 21:13:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-04-28 18:11:13 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-11-04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-11-02 16:44:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-09-22 12:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010-09-21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010-09-21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2010-08-17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009-06-15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 08:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-01-15 19:32:59 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008-09-27 20:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe PRC - [2008-08-26 21:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe PRC - [2008-08-12 02:14:32 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe PRC - [2008-07-03 11:29:48 | 000,098,304 | R--- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe PRC - [2008-06-11 12:16:11 | 001,454,080 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe PRC - [2008-06-06 00:40:40 | 000,102,400 | R--- | M] () -- C:\Program Files\ATK Hotkey\LOSD.exe PRC - [2008-05-29 10:29:45 | 000,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2008-05-29 10:29:39 | 001,111,336 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2008-05-22 02:56:32 | 005,207,880 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe PRC - [2008-05-22 02:52:34 | 008,824,648 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe PRC - [2008-05-10 03:55:24 | 002,555,904 | R--- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe PRC - [2008-02-14 22:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe PRC - [2008-01-23 19:51:28 | 000,151,552 | R--- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe PRC - [2008-01-21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 04:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe PRC - [2008-01-21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008-01-21 04:23:32 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe PRC - [2008-01-21 04:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe PRC - [2007-11-05 04:48:06 | 000,106,496 | R--- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe PRC - [2007-10-03 06:53:00 | 000,094,208 | R--- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe PRC - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\OTL.exe MOD - [2011-06-30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll MOD - [2011-04-12 18:07:38 | 000,892,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-12-20 18:35:04 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2010-10-15 15:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 16:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2008-01-21 04:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 04:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 04:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 04:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 04:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 04:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2006-11-02 11:46:04 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fltLib.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-06-30 10:37:27 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2011-06-28 16:56:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011-04-28 18:11:13 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-09-27 20:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor) SRV - [2008-08-26 21:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins) SRV - [2008-02-14 22:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) [Auto | Start_Pending] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter) SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (PS_MDP) SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (IncSvc) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007-10-03 06:53:00 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-06-30 10:37:56 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect) DRV - [2011-06-30 10:37:55 | 000,036,568 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2011-06-30 10:37:54 | 000,238,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2011-06-28 16:56:04 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011-06-28 16:56:04 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010-09-25 11:36:56 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-11-02 09:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009-09-20 11:29:48 | 000,049,472 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\funfrm.sys -- (funfrm) DRV - [2009-05-19 06:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC) DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009-01-15 19:32:59 | 007,699,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-09-05 19:50:19 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008-08-29 03:39:08 | 000,048,192 | ---- | M] (Lenovo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-06-25 00:55:12 | 000,047,104 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2008-06-13 21:23:12 | 000,008,832 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror) DRV - [2008-06-13 21:22:02 | 000,008,832 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Wdkbdmou.sys -- (Wdkbdmou) DRV - [2008-06-11 12:23:11 | 001,097,856 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2008-05-23 02:08:28 | 001,747,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008-04-28 00:29:25 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Sterownik karty Intel(R) DRV - [2008-01-24 19:08:34 | 000,010,880 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ITEhidCIR.sys -- (vhidmini) DRV - [2008-01-10 19:59:08 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD) DRV - [2007-07-30 20:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007-07-30 19:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007-05-24 01:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2006-12-14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2004-06-10 10:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sacm2K.sys -- (USBCM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Allegro" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Users\Zamotasupuany\Downloads\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Zamotasupuany\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zamotasupuany\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zamotasupuany\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-04-19 21:47:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-26 21:13:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-29 20:41:24 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-04-19 21:47:35 | 000,000,000 | ---D | M] [2010-12-30 16:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Extensions [2011-07-02 07:30:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions [2010-08-20 17:53:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-12-30 16:26:05 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} [2011-05-03 17:45:03 | 000,004,140 | ---- | M] () -- C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default\searchplugins\youtube.xml [2011-06-16 18:46:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-06-03 15:59:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-08-17 06:53:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-11-10 23:35:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-01-15 11:45:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-02-20 22:24:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-06-16 18:46:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\ZAMOTASUPUANY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P881FOPR.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011-06-26 21:13:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2010-09-14 14:41:12 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml [2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland) O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe () O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1 10.1.1.1 O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Zamotasupuany\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Users\Zamotasupuany\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011-07-03 10:57:30 | 000,110,386 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{58ae1c09-68fb-11e0-a81b-90e6ba15fcd2}\Shell - "" = AutoRun O33 - MountPoints2\{58ae1c09-68fb-11e0-a81b-90e6ba15fcd2}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{c65a941b-5711-11e0-a57d-90e6ba15fcd2}\Shell - "" = AutoRun O33 - MountPoints2\{c65a941b-5711-11e0-a57d-90e6ba15fcd2}\Shell\AutoRun\command - "" = F:\setup.exe /autorun O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe - (Broadcom Corporation.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]AdobeUpdater[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]AutoStartNPSAgent[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) MsConfig - StartUpReg: [b]Readycomm[/b] - hkey= - key= - C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited) MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) MsConfig - StartUpReg: [b]Skytel[/b] - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) MsConfig - StartUpReg: [b]Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0}[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]VeriFaceManager[/b] - hkey= - key= - C:\Program Files\Lenovo\VeriFaceIII\PManage.exe () MsConfig - StartUpReg: [b]VirtualCloneDrive[/b] - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) MsConfig - State: "bootini" - 2 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-07-24 14:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-07-24 14:40:36 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\OTL.exe [2011-07-24 13:39:33 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Desktop\muzyka od izy stasikowskiej [2011-07-24 11:26:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis [2011-07-24 11:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\HijackThis [2011-07-24 10:08:25 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\My NPS Files [2011-07-24 10:07:25 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\My Art [2011-07-23 21:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K11 [2011-07-23 11:26:26 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\Miuosh-Piata_Strona_Swiata-WEB-PL-2011 [2011-07-16 21:10:32 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011-07-16 21:10:09 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011-07-16 21:10:09 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2011-07-03 12:28:53 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\imieniny babci [2011-06-25 19:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\autostitch [2011-06-20 17:37:31 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\{F9796FA1-8F59-4F22-84FD-D79B08D54776} [2011-06-19 22:33:17 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\{2C6E3E19-742B-482B-B9C3-9864917ACEFE} [2011-06-19 21:38:51 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\The Witcher 2 [2011-06-19 21:38:35 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2011-06-19 21:38:35 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2011-06-19 21:38:35 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2011-06-19 21:38:35 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2011-06-19 21:38:35 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2011-06-19 21:38:35 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2011-06-19 21:38:34 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2011-06-19 21:38:34 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2011-06-19 21:38:34 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2011-06-19 21:38:34 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2011-06-19 21:38:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2011-06-19 21:38:34 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2011-06-19 21:38:33 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2011-06-19 21:38:33 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2011-06-19 21:38:33 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2011-06-19 21:38:32 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2011-06-19 21:38:32 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2011-06-19 21:38:29 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2011-06-19 21:38:29 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2011-06-19 21:38:28 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2011-06-19 21:38:28 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2011-06-19 21:38:28 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2011-06-19 21:38:28 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2011-06-19 21:38:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2011-06-16 20:55:06 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-06-16 20:55:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011-06-16 20:55:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-06-16 20:55:04 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011-06-16 18:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-06-16 18:46:24 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011-06-16 18:46:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011-06-16 18:46:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011-06-08 21:37:33 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\wykłady [2011-06-06 20:00:04 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\MaxFloRec - Podaj Dalej (2009) [2011-06-06 19:48:45 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\Fokus-Prewersje-CD-PL-2011-211 [2011-06-01 21:24:27 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011-06-01 21:24:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-06-01 21:24:26 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011-06-01 21:24:25 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011-06-01 21:24:25 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011-06-01 21:24:24 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011-06-01 21:24:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011-06-01 21:24:23 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011-06-01 21:24:23 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011-06-01 21:24:23 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011-06-01 21:24:23 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011-06-01 21:24:23 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011-06-01 21:24:23 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011-06-01 21:24:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011-06-01 21:24:23 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011-06-01 21:24:22 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011-06-01 21:24:22 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011-06-01 21:24:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011-06-01 21:24:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011-06-01 21:24:22 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011-06-01 21:24:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011-06-01 21:24:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011-06-01 21:24:21 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011-06-01 21:24:21 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011-06-01 21:24:20 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011-06-01 21:24:20 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011-06-01 21:24:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011-06-01 21:24:20 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011-06-01 21:24:20 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011-06-01 21:24:19 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011-06-01 21:24:19 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011-06-01 21:24:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011-06-01 21:24:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011-06-01 21:24:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011-06-01 21:24:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011-05-31 19:14:55 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Roaming\Nokia [2011-05-31 19:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite [2011-05-31 19:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite [2011-05-31 19:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2011-05-31 19:09:27 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys [2011-05-31 19:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2011-05-31 19:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations [2010-03-27 10:58:56 | 000,015,429 | ---- | C] ( ) -- C:\Windows\System32\drivers\Sacm2K.sys [2009-09-20 10:46:14 | 000,229,376 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll [1 C:\Users\Zamotasupuany\AppData\Local\*.tmp files -> C:\Users\Zamotasupuany\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-07-24 14:44:51 | 000,781,383 | ---- | M] () -- C:\Users\Zamotasupuany\Desktop\RSIT.exe [2011-07-24 14:43:04 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\OTL.exe [2011-07-24 14:22:58 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-07-24 14:22:58 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-07-24 14:22:58 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-07-24 14:22:58 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-07-24 14:13:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-07-24 14:13:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-07-24 14:12:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004UA.job [2011-07-24 13:46:14 | 000,169,472 | ---- | M] () -- C:\Users\Zamotasupuany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-24 13:39:30 | 000,043,319 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-07-24 12:13:53 | 000,043,319 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-07-24 12:13:38 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo [2011-07-24 12:13:31 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-07-24 12:13:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-07-24 12:12:13 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-07-23 15:12:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004Core.job [2011-07-23 09:55:08 | 005,709,006 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\Jan Kyks Skrzek - O mój Śląsku pobrano z www.DjOles.pl.mp3 [2011-07-21 17:45:09 | 000,006,763 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\hh plzagr.m3u [2011-07-17 15:55:39 | 000,045,362 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\cc_20110717_155534.reg [2011-07-17 08:27:13 | 000,390,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-07-16 21:13:31 | 000,002,082 | ---- | M] () -- C:\Users\Zamotasupuany\Desktop\Google Chrome.lnk [2011-07-06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011-06-30 10:37:56 | 000,082,400 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys [2011-06-30 10:37:55 | 000,036,568 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys [2011-06-30 10:37:54 | 000,238,960 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdGuard.sys [2011-06-30 10:37:53 | 000,019,088 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys [2011-06-30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll [2011-06-28 16:56:04 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011-06-28 16:56:04 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011-06-17 06:29:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011-06-02 15:34:49 | 002,043,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011-06-01 21:24:42 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2011-06-01 21:24:42 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2011-06-01 21:24:27 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011-06-01 21:24:27 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-06-01 21:24:26 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011-06-01 21:24:25 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011-06-01 21:24:25 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011-06-01 21:24:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011-06-01 21:24:24 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011-06-01 21:24:23 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011-06-01 21:24:23 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011-06-01 21:24:23 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011-06-01 21:24:23 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011-06-01 21:24:23 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011-06-01 21:24:23 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011-06-01 21:24:23 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011-06-01 21:24:23 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011-06-01 21:24:23 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011-06-01 21:24:22 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011-06-01 21:24:22 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011-06-01 21:24:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011-06-01 21:24:22 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011-06-01 21:24:22 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011-06-01 21:24:22 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011-06-01 21:24:22 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011-06-01 21:24:21 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011-06-01 21:24:21 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011-06-01 21:24:20 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011-06-01 21:24:20 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011-06-01 21:24:20 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011-06-01 21:24:20 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011-06-01 21:24:20 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011-06-01 21:24:19 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011-06-01 21:24:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011-06-01 21:24:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011-06-01 21:24:19 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011-06-01 21:24:19 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011-06-01 21:24:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011-05-25 18:33:48 | 001,693,603 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\tango wesele.mp3 [2011-05-25 18:21:28 | 002,193,063 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\Carlos Gardel - Tango (Scent of woman soundtrack)[wyszukiwarkamp3.i50.pl].mp3 [1 C:\Users\Zamotasupuany\AppData\Local\*.tmp files -> C:\Users\Zamotasupuany\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-24 14:44:46 | 000,781,383 | ---- | C] () -- C:\Users\Zamotasupuany\Desktop\RSIT.exe [2011-07-23 09:55:08 | 005,709,006 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\Jan Kyks Skrzek - O mój Śląsku pobrano z www.DjOles.pl.mp3 [2011-07-21 17:45:08 | 000,006,763 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\hh plzagr.m3u [2011-07-17 15:55:36 | 000,045,362 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\cc_20110717_155534.reg [2011-06-19 22:30:13 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2011-06-01 21:24:23 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-05-25 18:33:45 | 001,693,603 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\tango wesele.mp3 [2011-05-25 18:22:07 | 002,193,063 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\Carlos Gardel - Tango (Scent of woman soundtrack)[wyszukiwarkamp3.i50.pl].mp3 [2011-05-07 17:56:16 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011-05-07 17:56:16 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011-01-06 10:07:03 | 000,000,680 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Local\d3d9caps.dat [2010-12-27 18:41:15 | 000,000,245 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Roaming\burnaware.ini [2010-08-21 12:24:15 | 008,676,883 | ---- | C] () -- C:\Windows\System32\NCMedia2.dll [2010-08-21 12:24:15 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-08-20 20:55:49 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2010-08-08 14:31:49 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini [2010-08-08 14:26:53 | 000,000,016 | ---- | C] () -- C:\Windows\system87sG.dat [2010-04-19 21:44:00 | 000,175,068 | ---- | C] () -- C:\Windows\hpoins28.dat.temp [2010-04-19 21:44:00 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp [2010-04-19 18:34:08 | 000,177,422 | ---- | C] () -- C:\Windows\hpoins28.dat [2010-04-19 18:34:08 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat [2010-03-27 11:32:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010-03-27 11:32:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010-03-27 10:58:56 | 000,135,168 | ---- | C] () -- C:\Windows\UNDPX2K.exe [2010-03-27 10:58:56 | 000,053,693 | ---- | C] () -- C:\Windows\UNDPX2K.sys [2010-03-24 20:27:50 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-03-24 19:34:22 | 000,169,472 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-20 12:04:24 | 000,043,319 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009-09-20 11:47:04 | 009,338,880 | ---- | C] () -- C:\Windows\System32\Facev.dll [2009-09-20 11:47:04 | 000,208,896 | ---- | C] () -- C:\Windows\System32\image.dll [2009-09-20 11:47:03 | 000,655,360 | ---- | C] () -- C:\Windows\System32\EncIcons.dll [2009-09-20 11:47:03 | 000,241,752 | ---- | C] () -- C:\Windows\System32\IcnOvrly.dll [2009-09-20 11:47:03 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FunFrm.dll [2009-09-20 11:47:02 | 009,502,720 | ---- | C] () -- C:\Windows\System32\FaceVerify.dll [2009-09-20 11:47:02 | 001,974,272 | ---- | C] () -- C:\Windows\System32\Imagereog.dll [2009-09-20 11:47:02 | 001,564,672 | ---- | C] () -- C:\Windows\System32\MainOp.dll [2009-09-20 11:47:02 | 001,163,264 | ---- | C] () -- C:\Windows\System32\PicNotify.dll [2009-09-20 11:47:02 | 000,507,904 | ---- | C] () -- C:\Windows\System32\SimpleExt.dll [2009-09-20 11:47:02 | 000,442,368 | ---- | C] () -- C:\Windows\System32\Apblend.dll [2009-09-20 11:47:02 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SetDev.dll [2009-09-20 11:47:02 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll [2009-09-20 11:47:02 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll [2009-09-20 11:47:02 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll [2009-09-20 11:41:03 | 000,043,319 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009-09-20 11:29:50 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll [2009-09-20 11:29:50 | 000,049,472 | ---- | C] () -- C:\Windows\System32\drivers\funfrm.sys [2009-09-20 11:29:46 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll [2009-09-20 10:46:13 | 001,747,200 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2009-09-20 10:46:13 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2009-09-20 10:25:37 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009-09-20 09:53:30 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009-09-20 09:33:44 | 000,662,056 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2009-09-20 09:33:44 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2009-09-20 09:33:44 | 000,126,908 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2009-09-20 09:33:44 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2009-07-20 20:17:58 | 000,122,880 | ---- | C] () -- C:\Windows\System32\AitVirtualComInstall.exe [2009-07-20 20:10:48 | 000,307,200 | ---- | C] () -- C:\Windows\System32\InstallVCOM.exe [2009-03-03 11:05:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008-08-26 21:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll [2008-06-13 21:22:02 | 000,008,832 | ---- | C] () -- C:\Windows\System32\drivers\Wdkbdmou.sys [2008-05-04 17:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll [2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007-04-16 12:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin [2006-12-04 01:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll [2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 14:47:37 | 000,390,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001-11-14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-04-06 19:41:49 | 000,000,000 | -HSD | M] -- C:\Users\Zamotasupuany\AppData\Roaming\.# [2010-03-28 08:55:19 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Ashampoo [2010-11-06 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\avidemux [2011-07-24 11:20:47 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\BitTorrent [2011-05-19 21:46:03 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Broad Intelligence [2011-03-25 21:11:45 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\DAEMON Tools Lite [2011-03-16 21:24:54 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\FreshDiagnose [2010-05-10 19:13:14 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Gadu-Gadu [2010-11-12 11:07:02 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\IrfanView [2011-03-25 21:33:19 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Leadertech [2010-03-24 16:48:38 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Lenovo [2011-05-31 19:27:00 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Nokia [2010-05-02 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\OfficeRecovery [2010-10-16 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\PC Suite [2011-07-24 12:06:41 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Samsung [2011-01-23 13:41:00 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\SharePod [2010-10-20 17:56:04 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Windows Live Writer [2011-07-24 12:12:14 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2011-07-03 10:57:30 | 000,110,386 | ---- | M] () -- C:\AutoMapaSetupLog.txt [2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008-02-03 23:34:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2011-07-24 12:13:37 | 003,086,908 | ---- | M] () -- C:\FaceProv.log [2010-05-03 16:21:05 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt [2011-07-24 12:13:17 | 3531,718,656 | -HS- | M] () -- C:\pagefile.sys [2009-09-20 10:44:47 | 000,000,780 | ---- | M] () -- C:\RHDSetup.log [2011-07-24 14:45:26 | 002,556,111 | ---- | M] () -- C:\sysiclog.txt [2011-07-20 17:24:41 | 020,117,316 | ---- | M] () -- C:\sysiclog.txt.bak [2011-07-24 12:13:38 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008-01-21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:3B71D0B4 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:CC02DF48 < End of report > [/log] [log]OTL Extras logfile created on: 2011-07-24 14:42:52 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Zamotasupuany\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 55,19% Memory free 6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 254,15 Gb Total Space | 105,75 Gb Free Space | 41,61% Space Free | Partition Type: NTFS Drive D: | 29,19 Gb Total Space | 27,19 Gb Free Space | 93,16% Space Free | Partition Type: NTFS Computer Name: ZAMOTASUPUANYPC | User Name: Zamotasupuany | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 1 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{10AD9B54-0482-4B3D-B519-A6A2A814944B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{391C25C6-A35C-4CBC-89CF-9AC316553F8B}" = rport=139 | protocol=6 | dir=out | app=system | "{3EAF38CA-5D8F-4F6F-BC9B-864D184B661C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{404C6E67-0767-407F-965D-040ACC338B56}" = rport=137 | protocol=17 | dir=out | app=system | "{5CDAA2D0-4B06-4444-B34C-67859A87DA7A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{6131E32B-E808-4FA7-A502-EEAAB603429D}" = lport=137 | protocol=17 | dir=in | app=system | "{64BBBB5B-3F91-4654-84DC-7B3BF47B4D1B}" = lport=138 | protocol=17 | dir=in | app=system | "{7AC0EAE3-BCEE-4F5F-B0DC-9A221C8D9DDA}" = lport=139 | protocol=6 | dir=in | app=system | "{8E17C9F0-4A2F-42EA-9408-8D864B5188CD}" = rport=138 | protocol=17 | dir=out | app=system | "{C31C2AAC-D599-4A24-92A7-5406BD20112D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D33E29E2-F484-42B5-B95B-2E74E8474FB8}" = rport=445 | protocol=6 | dir=out | app=system | "{DEFB4B6D-0990-41FA-A9EB-514319506D0A}" = lport=445 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00E2C714-6D37-487E-B846-D010B3A32FB2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{033A90B5-1728-4363-8ED2-613F43BCE99C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{0444A59E-FDD4-4623-A3DB-9F80416D0985}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe | "{16894A78-0D39-41F6-BCE4-8F4115FC13D2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | "{1FA197CF-9ECA-497D-8441-B23D73DA0602}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{2410BC97-C947-4A91-99E9-5E879E212E24}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{29AC4365-4390-42A5-823A-9D2D63B1EE68}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{381BE12A-7223-4DB1-BCAD-125C5A431701}" = dir=in | app=c:\program files\lenovo\readycomm\readycomm.exe | "{3F03BA71-C676-4A17-880B-D1919653AA76}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{43C9D6B8-06EC-4762-92ED-BE171E7936C4}" = dir=out | app=c:\program files\lenovo\readycomm\filereceiver.exe | "{4DD36E3C-9530-4A46-9157-5A5A18E98A0F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | "{4E6B256A-8887-464F-A783-A1E7F4453075}" = dir=out | app=c:\windows\system32\igrssvcs.exe | "{5195545E-902D-4F35-AA5B-C747DF4C1780}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{5539853D-5DB3-453C-B81E-C6B1751CCEB9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{556B126F-0033-4E1F-B4F8-A3E47FACAFBC}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe | "{5F6105A6-67F2-4C88-8C67-C30503247044}" = dir=in | app=c:\windows\system32\igrssvcs.exe | "{628AE2CD-2DBE-41ED-91BA-8975397A63DF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | "{65BE4336-054C-4E03-A016-B6AF426F0039}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{738DA78A-8A3E-44E7-B2D8-F4D1291086A4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{7F0AF988-8128-44AD-8298-7A2941F882A9}" = dir=in | app=c:\program files\lenovo\readycomm\filereceiver.exe | "{7FC7507D-9B31-4A48-99A2-758FDB13E510}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{85BCC107-7D13-4A9E-AC7F-9DC564C8EC7F}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe | "{95C2C3EC-2E35-4010-B71A-338C44AF1FED}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{B2D0EAA9-CD4E-4AA5-A09C-88609B10D881}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{B492A495-8F63-4CAB-AEA0-BC6CDA4017E0}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe | "{BF342283-0287-4A35-853D-D9500C2EE3CD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{D0DBE4EE-E1BD-424E-943A-CBEE33FF914D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{D8EA5FDF-55E1-41DA-8A5E-E0499A0D73C9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{DA095DD2-1DD2-4F93-A3E4-C6B60B8CE060}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{DB7FFE26-9071-45FB-933A-7510BBB53FBE}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{F39B2C77-1CCA-4DD6-8CA1-B5364C17147D}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe | "{F9A9A8ED-B4C8-47EF-B9B3-2D3467A3052C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = Lenovo Bluetooth with Enhanced Data Rate Software 6.1.0.5100 "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01 "{25DDA4EC-DEBF-4297-B4DA-EEEF7FCEBA24}" = Lenovo Screensaver v1.0 for vista x86(en) "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03 "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4220_ProductContext "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{6F89200D-9C19-42F7-A056-640C9D4C158C}" = English Translator XT "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}" = Lenovo System Repair - Windows Update Monitor "{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 4.0 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F32C384-D237-4516-9F2B-223E8963A2FB}" = Lager "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch "{A23E5590-6799-437B-9723-2627BA800B6F}" = Dolby Control Center "{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2 "{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0 "{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management "{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4 "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B39AA98E-C966-46C9-ACA2-D2586E300988}" = WinFlash "{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200 "{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm "{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer "{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan "{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting "{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update "{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution "{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery "{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer "{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4210_Help "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Pakiet sterowników systemu Windows - Nokia Modem (10/07/2010 4.6) "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "ALLPlayer_is1" = ALLPlayer V4.X "Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.21 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BitTorrent" = BitTorrent "CCleaner" = CCleaner "Cool Edit Pro 2.0" = Cool Edit Pro 2.0 "CWK" = CWK (Czasowy Wyłącznik Komputera) "Defraggler" = Defraggler "E5372C32E8562C76C24DBA6525002B1031495F34" = Pakiet sterowników systemu Windows - Nokia Modem (06/09/2010 7.01.0.8) "EasyCapture3.0" = EasyCapture "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2 "Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter "Gadu-Gadu" = Gadu-Gadu 7.7 "GOM Player" = GOM Player "HijackThis" = HijackThis 2.0.2 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 11.0 "HP Photosmart Essential" = HP Photosmart Essential 3.0 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0 "HPExtendedCapabilities" = HP Customer Participation Program 11.0 "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "InstallShield_{6F89200D-9C19-42F7-A056-640C9D4C158C}" = English Translator XT "IrfanView" = IrfanView (remove only) "Lenovo EasyCamera" = Lenovo EasyCamera "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.1.1800 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 5.0 (x86 pl)" = Mozilla Firefox 5.0 (x86 pl) "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "Picasa 3" = Picasa 3 "PITy 2010_is1" = PITy 2010 dla Windows kompilacja:1.2.6.16 "RealPlayer 12.0" = RealPlayer "SMSERIAL" = Motorola SM56 Speakerphone Modem "SopCast" = SopCast 3.2.9 "SynTPDeinstKey" = Synaptics Pointing Device Driver "VeriFace III" = VeriFace III "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VideoLAN VLC media player 0.8.6d "WebSTAR DPX2100 Uninstall" = Scientific Atlanta WebSTAR 2000 series Cable Modem "Winamp" = Winamp "WinLiveSuite" = Podstawowe programy Windows Live "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-02-13 14:43:46 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = Error - 2011-02-13 15:20:57 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = Error - 2011-02-14 01:36:41 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = Error - 2011-02-14 10:52:23 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = Error - 2011-02-14 12:52:23 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = Error - 2011-02-14 14:00:30 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = Error - 2011-02-14 16:39:07 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = Error - 2011-02-15 01:30:43 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = Error - 2011-02-15 02:21:11 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = Error - 2011-02-15 13:19:08 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10 Description = [ OSession Events ] Error - 2010-05-05 16:45:58 | Computer Name = ZamotasupuanyPC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error - 2010-10-26 13:57:00 | Computer Name = ZamotasupuanyPC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error - 2010-12-12 10:18:37 | Computer Name = ZamotasupuanyPC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 186 seconds with 180 seconds of active time. This session ended with a crash. Error - 2011-04-27 01:28:49 | Computer Name = ZamotasupuanyPC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2011-07-23 14:10:29 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022 Description = Error - 2011-07-23 14:10:32 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022 Description = Error - 2011-07-23 14:11:24 | Computer Name = ZamotasupuanyPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2011-07-24 03:21:22 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022 Description = Error - 2011-07-24 03:21:25 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022 Description = Error - 2011-07-24 03:22:35 | Computer Name = ZamotasupuanyPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2011-07-24 06:15:27 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022 Description = Error - 2011-07-24 06:15:30 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022 Description = Error - 2011-07-24 06:16:21 | Computer Name = ZamotasupuanyPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2011-07-24 08:14:09 | Computer Name = ZamotasupuanyPC | Source = bowser | ID = 8003 Description = < End of report > [/log] RSIT: [log]info.txt logfile of random's system information tool 1.09 2011-07-24 14:45:27 ======Uninstall list====== Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} 32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB} Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10t_Plugin.exe -maintain plugin Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003} Adobe Reader 8.2.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A82000000003} Adobe Shockwave Player-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228} Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86} Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD} ALLPlayer V4.X-->"C:\Program Files\ALLPlayer\unins000.exe" Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe Ashampoo Burning Studio 9.21-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 9\unins000.exe" ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x0015 -removeonly Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE BitTorrent-->C:\Program Files\BitTorrent\uninst.exe Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{A64A5576-D862-44F8-89DC-2B17FCC9B86E} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" COMODO Internet Security-->MsiExec.exe /I{CC6B1BB4-4E06-4A5B-A166-B371B551324B} Cool Edit Pro 2.0-->C:\Program Files\coolpro2\cep2unin.exe CWK (Czasowy Wyłącznik Komputera)-->"C:\Program Files\Damian Pasternak\CWK\CWK.exe" /uninstall D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} Defraggler-->"C:\Program Files\Defraggler\uninst.exe" Dolby Control Center-->MsiExec.exe /I{A23E5590-6799-437B-9723-2627BA800B6F} EasyCapture-->C:\Program Files\Lenovo\EasyCapture\Uninstall.exe Energy Management-->C:\Program Files\InstallShield Installation Information\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}\setup.exe -runfromtemp -l0x0015 -removeonly English Translator XT-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6F89200D-9C19-42F7-A056-640C9D4C158C} Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7} Free M4a to MP3 Converter 6.2-->"C:\Program Files\Free M4a to MP3 Converter\unins000.exe" Freez FLV to AVI/MPEG/WMV Converter-->"C:\Program Files\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe" Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe" Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HijackThis 2.0.2-->"C:\Program Files\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Customer Participation Program 11.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}\setup\hpzscr01.exe -datfile hposcr28.dat -onestop HP Imaging Device Functions 11.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat HP Solution Center 11.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat HP Update-->MsiExec.exe /X{D063F201-FAC4-4D5C-B10B-615058ADE5A7} IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe ITECIR Driver-->C:\Program Files\InstallShield Installation Information\{FCED9B62-34FF-4C15-8A23-F65221F7874D}\setup.exe -runfromtemp -l0x0015 -removeonly Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} Lenovo Bluetooth with Enhanced Data Rate Software 6.1.0.5100-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D} Lenovo EasyCamera-->C:\Windows\Uninstsxga.bat Lenovo OneKey Recovery-->"C:\Program Files\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall Lenovo ReadyComm 4.0-->MsiExec.exe /X{76C66170-C538-4E77-B54D-48E136B5B533} Lenovo Screensaver v1.0 for vista x86(en)-->MsiExec.exe /I{25DDA4EC-DEBF-4297-B4DA-EEEF7FCEBA24} Lenovo System Repair - Windows Update Monitor-->C:\Program Files\InstallShield Installation Information\{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}\setup.exe -runfromtemp -l0x0015 -removeonly Malwarebytes' Anti-Malware wersja 1.51.1.1800-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8} Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE} Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {E9EA2604-8AC9-47D2-8F4B-6BF60787A357} Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE} Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server Native Client-->MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E} Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE} Microsoft SQL Server VSS Writer-->MsiExec.exe /I{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E} Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co85.dll,SM56UnInstaller Mozilla Firefox 5.0 (x86 pl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Nokia Connectivity Cable Driver-->MsiExec.exe /I{4216D328-0FE8-48B8-85B8-BD300E6F080F} Nokia PC Suite-->C:\ProgramData\Installations\{F38FD0E4-B991-462B-873D-F2115EADD093}\Nokia_PC_Suite_pol_web.exe Nokia PC Suite-->MsiExec.exe /I{F38FD0E4-B991-462B-873D-F2115EADD093} NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exe Pakiet sterowników systemu Windows - Nokia Modem (06/09/2010 7.01.0.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_7bc077a4\nokbtmdm.inf Pakiet sterowników systemu Windows - Nokia Modem (10/07/2010 4.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_20216047\nokia_bluetooth.inf Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf PC Connectivity Solution-->MsiExec.exe /I{D4AEC53C-1720-41D9-B6D7-6A60DE62D444} Picasa 3-->"C:\Users\Zamotasupuany\Downloads\Picasa3\Uninstall.exe" PITy 2010 dla Windows kompilacja:1.2.6.16-->"C:\Program Files\PITy\PITy2010NG\unins000.exe" Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1} Podstawowe programy Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383} Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C} RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F} RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03-->"C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -runfromtemp -l0x0009 anything -removeonly Scientific Atlanta WebSTAR 2000 series Cable Modem-->UNDPX2K.EXE Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D} Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263} Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B} Security Update for 2007 Microsoft Office System (KB2509488)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD0DE453-0804-4495-9C91-33D0F9AA5463} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT="" Security Update for Microsoft Office 2007 System (KB2541012)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD907315-705A-4475-A1A0-2A1245803E4D} Security Update for Microsoft Office Excel 2007 (KB2541007)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A0173254-F442-4D04-9154-43FA157B83D0} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1} Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} SopCast 3.2.9-->C:\Program Files\SopCast\uninst.exe Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF} VeriFace III-->C:\Program Files\Lenovo\VeriFaceIII\Uninstall.exe VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe VirtualCloneDrive-->"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive" Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E} Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B39AA98E-C966-46C9-ACA2-D2586E300988}\Setup.exe" -l0x9 ======Security center information====== AS: Windows Defender ======System event log====== Computer Name: ZamotasupuanyPC Event Code: 4386 Message: Obsługa systemu Windows zażądała ponownego uruchomienia w celu ukończenia zmieniania stanu aktualizacji 2506212-15_neutral_PACKAGE z pakietu KB2506212(Security Update) na Żądana instalacja(Install Requested). Record Number: 231345 Source Name: Microsoft-Windows-Servicing Time Written: 20110414145623.000000-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: ZamotasupuanyPC Event Code: 4376 Message: Obsługa zażądała ponownego uruchomienia w celu ukończenia operacji nadawania pakietowi KB2506212(Security Update) stanu Żądana instalacja(Install Requested). Record Number: 231344 Source Name: Microsoft-Windows-Servicing Time Written: 20110414145623.000000-000 Event Type: Ostrzeżenie User: ZARZĄDZANIE NT\SYSTEM Computer Name: ZamotasupuanyPC Event Code: 4386 Message: Obsługa systemu Windows zażądała ponownego uruchomienia w celu ukończenia zmieniania stanu aktualizacji 2506212-5_neutral_GDR z pakietu KB2506212(Security Update) na Żądana instalacja(Install Requested). Record Number: 231343 Source Name: Microsoft-Windows-Servicing Time Written: 20110414145623.000000-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: ZamotasupuanyPC Event Code: 4376 Message: Obsługa zażądała ponownego uruchomienia w celu ukończenia operacji nadawania pakietowi KB2506212(Security Update) stanu Żądana instalacja(Install Requested). Record Number: 231342 Source Name: Microsoft-Windows-Servicing Time Written: 20110414145623.000000-000 Event Type: Ostrzeżenie User: ZARZĄDZANIE NT\SYSTEM Computer Name: ZamotasupuanyPC Event Code: 4386 Message: Obsługa systemu Windows zażądała ponownego uruchomienia w celu ukończenia zmieniania stanu aktualizacji 2506212-6_neutral_PACKAGE z pakietu KB2506212(Security Update) na Żądana instalacja(Install Requested). Record Number: 231341 Source Name: Microsoft-Windows-Servicing Time Written: 20110414145623.000000-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM =====Application event log===== Computer Name: ZamotasupuanyPC Event Code: 6000 Message: Subskrybent powiadomień usługi winlogon <SessionEnv> był niedostępny i nie mógł obsłużyć zdarzenia powiadamiania. Record Number: 21742 Source Name: Microsoft-Windows-Winlogon Time Written: 20100720054750.000000-000 Event Type: Informacje User: Computer Name: ZamotasupuanyPC Event Code: 4101 Message: Sprawdzono poprawność licencji systemu Windows. Record Number: 21741 Source Name: Microsoft-Windows-Winlogon Time Written: 20100720054750.000000-000 Event Type: Informacje User: Computer Name: ZamotasupuanyPC Event Code: 902 Message: Usługa licencjonowania oprogramowania została uruchomiona. Record Number: 21740 Source Name: Microsoft-Windows-Security-Licensing-SLC Time Written: 20100720054749.000000-000 Event Type: Informacje User: Computer Name: ZamotasupuanyPC Event Code: 1005 Message: Wynik użycia prawa systemu Windows: hr=0x0 Record Number: 21739 Source Name: Microsoft-Windows-Security-Licensing-SLC Time Written: 20100720054748.000000-000 Event Type: Informacje User: Computer Name: ZamotasupuanyPC Event Code: 1003 Message: Usługa licencjonowania oprogramowania ukończyła sprawdzanie stanu licencjonowania. Identyfikator aplikacji=55c92734-d682-4d71-983e-d6ec3f16059f Stan licencji= {1,[11db994f-af86-4eb9-af35-fb4e3b0256f5, 8, 0xC004F014,0x0]} {1,[3a1d44e2-bede-46fb-8a02-0cd485a1db8b, 8, 0xC004F014,0x0]} {1,[6b16d38b-7dac-4614-9948-b4a92ddba889, 8, 0xC004F014,0x0]} {1,[9e042223-03bf-49ae-808f-ff37f128d40d, 8, 0xC004F014,0x0]} {1,[a3481201-436e-4fc9-88b4-34ccf7f81789, 8, 0xC004F014,0x0]} {1,[a4eec485-e375-48b4-8f51-80d13a4086b6, 8, 0xC004F014,0x0]} {1,[a7a4a974-ad47-420e-8e1a-83d28572058a, 8, 0xC004F014,0x0]} {1,[b6795467-dc45-4acf-af87-e948ee3f15f4, 8, 0xC004F014,0x0]} {1,[bffdc375-bbd5-499d-8ef1-4f37b61c895f, 0, 0x0,0x0],[0x0,0x0,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,0,0,0x0],[0,0,0x0]} {1,[c3505bd0-004a-49b9-84db-a1a4869eddf1, 8, 0xC004F014,0x0]} {1,[c5d8ec70-e2ae-42d8-aaa9-eec3772438ee, 8, 0xC004F014,0x0]} {1,[cdb090c3-053c-4cd1-9cb2-e35b1738747a, 8, 0xC004F014,0x0]} {1,[da0483a8-c443-45fd-9b52-2bba9b2ee8ab, 8, 0xC004F014,0x0]} {1,[e05164a4-fb9a-471f-8c3a-6959b4cf1b72, 8, 0xC004F014,0x0]} {1,[f3acdd3c-119a-4932-a3d7-0b6f33a1dca9, 8, 0xC004F014,0x0]} {1,[afd5f68f-b70f-4000-a21d-28dbc8be8b07, 8, 0xC004F014,0x0]} Record Number: 21738 Source Name: Microsoft-Windows-Security-Licensing-SLC Time Written: 20100720054748.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: ZamotasupuanyPC Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: ZAMOTASUPUANYPC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 2 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-21-1887336032-4259408775-1316863837-1004 Nazwa konta: Zamotasupuany Domena konta: ZamotasupuanyPC Identyfikator logowania: 0x23f2c Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x498 Nazwa procesu: C:\Windows\System32\winlogon.exe Informacje o sieci: Nazwa stacji roboczej: ZAMOTASUPUANYPC Adres źródłowy sieci: 127.0.0.1 Port źródłowy: 0 Szczegółowe informacje o uwierzytelnianiu: Proces logowania: User32 Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 447630 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110331145137.026291-000 Event Type: Sukces inspekcji User: Computer Name: ZamotasupuanyPC Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: ZAMOTASUPUANYPC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 2 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-21-1887336032-4259408775-1316863837-1004 Nazwa konta: Zamotasupuany Domena konta: ZamotasupuanyPC Identyfikator logowania: 0x23ef8 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x498 Nazwa procesu: C:\Windows\System32\winlogon.exe Informacje o sieci: Nazwa stacji roboczej: ZAMOTASUPUANYPC Adres źródłowy sieci: 127.0.0.1 Port źródłowy: 0 Szczegółowe informacje o uwierzytelnianiu: Proces logowania: User32 Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 447629 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110331145137.026291-000 Event Type: Sukces inspekcji User: Computer Name: ZamotasupuanyPC Event Code: 4648 Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: ZAMOTASUPUANYPC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Konto, którego poświadczenia zostały użyte: Nazwa konta: Zamotasupuany Domena konta: ZamotasupuanyPC Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Serwer docelowy: Nazwa serwera docelowego: localhost Informacje dodatkowe: localhost Informacje o procesie: Identyfikator procesu: 0x498 Nazwa procesu: C:\Windows\System32\winlogon.exe Informacje o sieci: Adres sieciowy: 127.0.0.1 Port: 0 To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS. Record Number: 447628 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110331145137.026291-000 Event Type: Sukces inspekcji User: Computer Name: ZamotasupuanyPC Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 447627 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110331145134.077891-000 Event Type: Sukces inspekcji User: Computer Name: ZamotasupuanyPC Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: ZAMOTASUPUANYPC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x33c Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 447626 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20110331145134.077891-000 Event Type: Sukces inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Windows Live\Shared "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=170a "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "configsetroot"=%SystemRoot%\ConfigSetRoot "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- [/log] [log]Logfile of random's system information tool 1.09 (written by random/random) Run by Zamotasupuany at 2011-07-24 14:45:12 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 108 GB (41%) free of 260 GB Total RAM: 3068 MB (53% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:45:21, on 2011-07-24 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Program Files\ATK Hotkey\HControlUser.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Lenovo\Energy Management\utility.exe C:\Program Files\Lenovo\Energy Management\Energy Management.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\System32\mobsync.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Zamotasupuany\Desktop\OTL.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Zamotasupuany\Desktop\RSIT.exe C:\Program Files\trend micro\Zamotasupuany.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe" O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: System Repair Windows Update Monitor (System_Repair_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- End of file - 8003 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004UA.job =========Mozilla firefox========= ProfilePath - C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16" "{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Users\Zamotasupuany\Downloads\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4] "Description"=Office Live Update v1.4 "Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732] "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732] "Description"=RealJukebox Netscape Plugin "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0] "Description"=RealPlayer(tm) HTML5VideoShim Plug-In "Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732] "Description"=6.0.12.732 "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll nppl3260.xpt nsIQTScriptablePlugin.xpt nsJSRealPlayerPlugin.xpt C:\Program Files\Mozilla Firefox\plugins\ np-mswmp.dll np32dsw.dll npdeployJava1.dll NPOFF12.DLL nppdf32.dll nppl3260.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll nprjplug.dll nprpjplug.dll QuickTimePlugin.class ShockwavePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files\Mozilla Firefox\searchplugins\ allegro-pl.xml BearShareWebSearch.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default\extensions\ {20a82645-c095-46ed-80e3-08825760534b} {E84D42CA-64EB-11DE-A65F-8C3656D89593} C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default\searchplugins\ youtube.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-14 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27 501056] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - &Tłumaczenie - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll [2005-11-05 323584] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2008-06-11 1454080] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-05-29 1111336] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-15 13560352] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-15 92704] "HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-07-03 98304] "UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216] "Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552] "COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-06-30 2554696] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-11-02 281768] "EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2008-05-22 5207880] "Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2008-05-22 8824648] "NPSStartup"= [] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] "Google Update"=C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-13 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2010-03-29 2356088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe [2010-03-24 1432064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-13 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Readycomm] C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe [2007-06-03 425984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] C:\Windows\RtHDVCpl.exe [2008-09-09 6281760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] C:\Windows\Skytel.exe [2008-09-09 1833504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-04-15 202256] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0}] C:\Windows\test.bat [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager] C:\Program Files\Lenovo\VeriFaceIII\PManage.exe [2009-09-20 2916352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe [2008-08-26 752168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" C:\Windows\system32\guard32.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.l3codecp"=l3codecp.acm "msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM "wave2"=serwvdrv.dll "wave4"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave5"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave3"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "vidc.XVID"=xvidvfw.dll "msacm.divxa32"=msaud32_divx.acm ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2011-07-24 14:45:14 ----D---- C:\Program Files\trend micro 2011-07-24 14:45:12 ----D---- C:\rsit 2011-07-24 11:26:31 ----D---- C:\Program Files\HijackThis 2011-07-16 21:10:32 ----A---- C:\Windows\system32\win32k.sys 2011-07-16 21:10:31 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS 2011-07-16 21:10:31 ----A---- C:\Windows\system32\drivers\bthport.sys 2011-07-16 21:10:09 ----A---- C:\Windows\system32\winsrv.dll 2011-07-16 21:10:09 ----A---- C:\Windows\system32\csrsrv.dll 2011-07-16 21:10:08 ----A---- C:\Windows\system32\kernel32.dll 2011-06-29 21:23:00 ----A---- C:\Windows\system32\schannel.dll 2011-06-25 19:25:54 ----D---- C:\Program Files\autostitch ======List of files/folders modified in the last 1 month====== 2011-07-24 14:45:18 ----D---- C:\Windows\Temp 2011-07-24 14:45:14 ----RD---- C:\Program Files 2011-07-24 14:43:54 ----SHD---- C:\System Volume Information 2011-07-24 14:41:19 ----D---- C:\Windows\Prefetch 2011-07-24 14:25:35 ----D---- C:\Users\Zamotasupuany\AppData\Roaming\Winamp 2011-07-24 14:22:58 ----D---- C:\Windows\System32 2011-07-24 14:22:58 ----A---- C:\Windows\system32\PerfStringBackup.INI 2011-07-24 14:22:57 ----D---- C:\Windows\inf 2011-07-24 12:21:20 ----D---- C:\Joanna Leśków 2011-07-24 12:15:31 ----A---- C:\sysiclog.txt 2011-07-24 12:12:16 ----D---- C:\Windows\system32\catroot 2011-07-24 12:09:19 ----SHD---- C:\Windows\Installer 2011-07-24 12:09:19 ----HD---- C:\Program Files\InstallShield Installation Information 2011-07-24 12:09:18 ----D---- C:\Program Files\Samsung 2011-07-24 12:08:46 ----D---- C:\Windows\system32\drivers 2011-07-24 12:08:39 ----D---- C:\Windows\system32\catroot2 2011-07-24 12:07:09 ----D---- C:\Windows\winsxs 2011-07-24 12:06:41 ----D---- C:\Users\Zamotasupuany\AppData\Roaming\Samsung 2011-07-24 11:45:39 ----SD---- C:\Users\Zamotasupuany\AppData\Roaming\Microsoft 2011-07-24 11:20:47 ----D---- C:\Users\Zamotasupuany\AppData\Roaming\BitTorrent 2011-07-24 11:20:46 ----D---- C:\Windows\Logs 2011-07-24 10:02:06 ----RSD---- C:\Windows\assembly 2011-07-20 17:24:41 ----A---- C:\sysiclog.txt.bak 2011-07-18 20:09:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2011-07-17 15:02:45 ----D---- C:\Windows\system32\WDI 2011-07-17 13:41:10 ----D---- C:\Program Files\Defraggler 2011-07-17 09:40:18 ----D---- C:\Windows\Debug 2011-07-17 09:40:18 ----D---- C:\Windows 2011-07-17 08:27:28 ----A---- C:\Windows\system32\ICAutoUpdate.log.bak 2011-07-16 21:11:29 ----A---- C:\Windows\system32\mrt.exe 2011-07-03 10:57:30 ----A---- C:\AutoMapaSetupLog.txt 2011-06-30 10:37:25 ----A---- C:\Windows\system32\guard32.dll 2011-06-29 22:18:05 ----RSD---- C:\Windows\Fonts 2011-06-29 21:23:59 ----D---- C:\Program Files\Microsoft Office 2011-06-26 21:13:09 ----D---- C:\Program Files\Mozilla Firefox ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-09-12 327192] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-25 436792] R0 Wdkbdmou;Lenovo RMCT KbdMou Service; C:\Windows\system32\DRIVERS\Wdkbdmou.sys [2008-06-13 8832] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-06-28 138192] R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-06-30 238960] R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-06-30 36568] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088] R1 funfrm;funfrm; C:\Windows\system32\drivers\funfrm.sys [2009-09-20 49472] R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-06-30 82400] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-06-28 66616] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-06-25 47104] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400] R2 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-08-29 48192] R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-09 2167128] R3 MODEMCSA;Urządzenie filtru strumieniowego usługi Unimodem; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680] R3 NETw5v32;Sterownik karty Intel(R) Wireless WiFi Link dla systemu Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-09-05 45600] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-15 7699392] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2008-06-11 1097856] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-05-29 199600] R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208] R3 vhidmini;ITECIR Hid Driver; C:\Windows\system32\DRIVERS\ITEhidCIR.sys [2008-01-24 10880] R3 wdmirror;wdmirror; C:\Windows\system32\DRIVERS\WDMirror.sys [2008-06-13 8832] S3 BthEnum;Usługa wyliczania Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208] S3 btwaudio;Urz¹dzenie dŸwiêkowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-07-31 81960] S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-07-31 100392] S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-07-31 17320] S3 Dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584] S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-11-02 36608] S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-05-23 1747200] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [] S3 USBCM;Scientific Atlanta USB Cable Modem Driver; C:\Windows\system32\DRIVERS\Sacm2K.sys [2004-06-10 15429] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-24 128104] S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2008-01-10 81192] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-06-28 269480] R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 btwdins;Bluetooth Service; c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe [2008-08-26 522792] R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2008-02-14 32768] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-15 203296] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [2008-09-27 430080] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-28 136176] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-28 136176] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120] S3 IncSvc;ReadyComm Network Monitor and Configuration; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736] S3 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840] -----------------EOF----------------- [/log]
wirusolog komentarz 25 lipca 2011 komentarz 25 lipca 2011 (edytowane) [b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst: [code]:OTL O4 - HKLM..\Run: [NPSStartup] File not found O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. [2010-12-30 16:26:05 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - File not found MsConfig - StartUpReg: Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0} - hkey= - key= - File not found @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:3B71D0B4 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:CC02DF48 :Files C:\Windows\System32\icrav03.rat C:\Windows\System32\ticrf.rat C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004UA.job :Commands [emptyflash] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera. Pokaż po restarcie który wyskoczy. [b]2.[/b] Poproszę o wykaz z [url=http://www.hotfix.pl/instrukcja-obslugi-tdsskiller-a341.htm][b][color=blue][u]TDSSKiller'a[/url][/b][/color][/u]. 1
Zamotasupuany komentarz 25 lipca 2011 Autor komentarz 25 lipca 2011 [log]2011/07/25 15:52:44.0413 TDSS rootkit removing tool 2.4.1.3 Aug 27 2010 08:53:42 2011/07/25 15:52:44.0413 ================================================================================ 2011/07/25 15:52:44.0413 SystemInfo: 2011/07/25 15:52:44.0413 2011/07/25 15:52:44.0413 OS Version: 6.0.6002 ServicePack: 2.0 2011/07/25 15:52:44.0413 Product type: Workstation 2011/07/25 15:52:44.0413 ComputerName: ZAMOTASUPUANYPC 2011/07/25 15:52:44.0413 UserName: Zamotasupuany 2011/07/25 15:52:44.0413 Windows directory: C:\Windows 2011/07/25 15:52:44.0413 System windows directory: C:\Windows 2011/07/25 15:52:44.0413 Processor architecture: Intel x86 2011/07/25 15:52:44.0413 Number of processors: 2 2011/07/25 15:52:44.0413 Page size: 0x1000 2011/07/25 15:52:44.0413 Boot type: Normal boot 2011/07/25 15:52:44.0413 ================================================================================ 2011/07/25 15:53:21.0386 Initialize success 2011/07/25 15:53:32.0743 ================================================================================ 2011/07/25 15:53:32.0743 Scan started 2011/07/25 15:53:32.0743 Mode: Manual; 2011/07/25 15:53:32.0743 ================================================================================ 2011/07/25 15:53:33.0133 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2011/07/25 15:53:33.0226 ACPIVPC (87114efedeb94af49323ca61f344716d) C:\Windows\system32\DRIVERS\AcpiVpc.sys 2011/07/25 15:53:33.0320 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/07/25 15:53:33.0382 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/07/25 15:53:33.0429 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/07/25 15:53:33.0476 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/07/25 15:53:33.0601 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 2011/07/25 15:53:33.0679 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/07/25 15:53:33.0726 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/07/25 15:53:33.0772 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/07/25 15:53:33.0819 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/07/25 15:53:33.0866 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/07/25 15:53:33.0897 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/07/25 15:53:33.0975 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/07/25 15:53:34.0053 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/07/25 15:53:34.0100 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/07/25 15:53:34.0178 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/07/25 15:53:34.0287 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2011/07/25 15:53:34.0381 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/07/25 15:53:34.0428 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys 2011/07/25 15:53:34.0506 b57nd60x (7d0f2bfa273831124fa08526af48af18) C:\Windows\system32\DRIVERS\b57nd60x.sys 2011/07/25 15:53:34.0584 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/07/25 15:53:34.0662 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/07/25 15:53:34.0724 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 2011/07/25 15:53:34.0771 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/07/25 15:53:34.0818 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/07/25 15:53:34.0880 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/07/25 15:53:34.0942 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/07/25 15:53:34.0989 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/07/25 15:53:35.0020 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/07/25 15:53:35.0098 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 2011/07/25 15:53:35.0176 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/07/25 15:53:35.0239 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 2011/07/25 15:53:35.0364 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys 2011/07/25 15:53:35.0426 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys 2011/07/25 15:53:35.0504 btwaudio (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys 2011/07/25 15:53:35.0551 btwavdt (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys 2011/07/25 15:53:35.0613 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys 2011/07/25 15:53:35.0660 btwrchid (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys 2011/07/25 15:53:35.0707 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/07/25 15:53:35.0785 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2011/07/25 15:53:35.0847 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2011/07/25 15:53:35.0910 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2011/07/25 15:53:36.0003 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/07/25 15:53:36.0066 cmdGuard (bbe32e04e88b0048ec16f1d6c8936c4b) C:\Windows\system32\DRIVERS\cmdguard.sys 2011/07/25 15:53:36.0112 cmdHlp (497590ea7a94b98ea7a4516ebf0fb8d2) C:\Windows\system32\DRIVERS\cmdhlp.sys 2011/07/25 15:53:36.0159 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/07/25 15:53:36.0190 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2011/07/25 15:53:36.0222 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/07/25 15:53:36.0268 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/07/25 15:53:36.0331 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 2011/07/25 15:53:36.0409 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2011/07/25 15:53:36.0502 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys 2011/07/25 15:53:36.0565 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys 2011/07/25 15:53:36.0596 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys 2011/07/25 15:53:36.0674 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/07/25 15:53:36.0736 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 2011/07/25 15:53:36.0799 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/07/25 15:53:36.0877 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2011/07/25 15:53:36.0955 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys 2011/07/25 15:53:37.0048 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/07/25 15:53:37.0111 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2011/07/25 15:53:37.0204 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2011/07/25 15:53:37.0267 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2011/07/25 15:53:37.0345 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/07/25 15:53:37.0407 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/07/25 15:53:37.0438 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/07/25 15:53:37.0470 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/07/25 15:53:37.0532 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2011/07/25 15:53:37.0626 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS 2011/07/25 15:53:37.0704 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/07/25 15:53:37.0797 funfrm (000b97efe617d05f197420e4112dc8a8) C:\Windows\system32\drivers\funfrm.sys 2011/07/25 15:53:37.0844 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/07/25 15:53:37.0938 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 2011/07/25 15:53:38.0031 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/07/25 15:53:38.0109 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/07/25 15:53:38.0156 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/07/25 15:53:38.0218 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2011/07/25 15:53:38.0296 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/07/25 15:53:38.0406 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/07/25 15:53:38.0468 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/07/25 15:53:38.0530 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/07/25 15:53:38.0593 iaStor (8ef427c54497c5f8a7a645990e4278c7) C:\Windows\system32\DRIVERS\iaStor.sys 2011/07/25 15:53:38.0640 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/07/25 15:53:38.0749 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/07/25 15:53:38.0920 inspect (1c65e930aba113f2ce59d32c7d8bc03f) C:\Windows\system32\DRIVERS\inspect.sys 2011/07/25 15:53:39.0217 IntcAzAudAddService (2e06052066ce4489cdfbfb8329ea52b1) C:\Windows\system32\drivers\RTKVHDA.sys 2011/07/25 15:53:39.0420 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/07/25 15:53:39.0482 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/07/25 15:53:39.0544 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/07/25 15:53:39.0622 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/07/25 15:53:39.0669 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/07/25 15:53:39.0716 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/07/25 15:53:39.0778 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/07/25 15:53:39.0825 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/07/25 15:53:39.0872 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/07/25 15:53:39.0919 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/07/25 15:53:39.0966 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/07/25 15:53:40.0044 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/07/25 15:53:40.0122 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/07/25 15:53:40.0246 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/07/25 15:53:40.0309 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/07/25 15:53:40.0340 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/07/25 15:53:40.0387 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/07/25 15:53:40.0434 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/07/25 15:53:40.0480 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/07/25 15:53:40.0543 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/07/25 15:53:40.0605 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/07/25 15:53:40.0652 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys 2011/07/25 15:53:40.0683 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/07/25 15:53:40.0714 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/07/25 15:53:40.0761 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/07/25 15:53:40.0792 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/07/25 15:53:40.0839 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/07/25 15:53:40.0886 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/07/25 15:53:40.0948 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/07/25 15:53:41.0026 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/07/25 15:53:41.0073 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/07/25 15:53:41.0120 mrxsmb10 (d4a3c7c580c4ccb5c06f2ada933ad507) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/07/25 15:53:41.0167 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/07/25 15:53:41.0229 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 2011/07/25 15:53:41.0276 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/07/25 15:53:41.0307 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/07/25 15:53:41.0354 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/07/25 15:53:41.0416 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/07/25 15:53:41.0448 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/07/25 15:53:41.0494 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/07/25 15:53:41.0541 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/07/25 15:53:41.0588 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/07/25 15:53:41.0619 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/07/25 15:53:41.0682 MTsensor (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys 2011/07/25 15:53:41.0713 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/07/25 15:53:41.0775 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/07/25 15:53:41.0838 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/07/25 15:53:41.0900 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/07/25 15:53:41.0931 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/07/25 15:53:41.0994 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/07/25 15:53:42.0040 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/07/25 15:53:42.0087 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/07/25 15:53:42.0150 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/07/25 15:53:42.0352 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys 2011/07/25 15:53:42.0493 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/07/25 15:53:42.0602 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/07/25 15:53:42.0633 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/07/25 15:53:42.0711 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/07/25 15:53:42.0820 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/07/25 15:53:42.0852 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/07/25 15:53:42.0898 NVHDA (faa22e6256d9fa2c7f77b67c68cdd749) C:\Windows\system32\drivers\nvhda32v.sys 2011/07/25 15:53:43.0148 nvlddmkm (d21c2edcce6c3d6d3bc39d3d4912aa60) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/07/25 15:53:43.0366 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/07/25 15:53:43.0413 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/07/25 15:53:43.0491 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/07/25 15:53:43.0678 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/07/25 15:53:43.0756 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/07/25 15:53:43.0819 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/07/25 15:53:43.0866 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/07/25 15:53:43.0928 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys 2011/07/25 15:53:43.0959 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/07/25 15:53:43.0990 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2011/07/25 15:53:44.0037 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/07/25 15:53:44.0115 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/07/25 15:53:44.0287 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/07/25 15:53:44.0318 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/07/25 15:53:44.0412 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/07/25 15:53:44.0505 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/07/25 15:53:44.0568 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/07/25 15:53:44.0614 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/07/25 15:53:44.0661 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/07/25 15:53:44.0708 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/07/25 15:53:44.0755 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/07/25 15:53:44.0786 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/07/25 15:53:44.0848 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/07/25 15:53:44.0895 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/07/25 15:53:44.0942 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/07/25 15:53:44.0973 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/07/25 15:53:45.0051 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/07/25 15:53:45.0129 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/07/25 15:53:45.0192 rimmptsk (ded01a389926a89540b82373e4c550ee) C:\Windows\system32\DRIVERS\rimmptsk.sys 2011/07/25 15:53:45.0238 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys 2011/07/25 15:53:45.0270 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys 2011/07/25 15:53:45.0332 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/07/25 15:53:45.0379 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/07/25 15:53:45.0472 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 2011/07/25 15:53:45.0535 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/07/25 15:53:45.0582 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/07/25 15:53:45.0613 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/07/25 15:53:45.0644 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/07/25 15:53:45.0722 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/07/25 15:53:45.0738 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/07/25 15:53:45.0800 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/07/25 15:53:45.0831 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/07/25 15:53:45.0878 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/07/25 15:53:45.0909 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/07/25 15:53:45.0956 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/07/25 15:53:46.0018 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/07/25 15:53:46.0096 smserial (5e62ba073c90e6c9d4ea199d6080f919) C:\Windows\system32\DRIVERS\smserial.sys 2011/07/25 15:53:46.0237 SNP2UVC (1c3ebfd0c355ce8ada349f09fe85fbca) C:\Windows\system32\DRIVERS\snp2uvc.sys 2011/07/25 15:53:46.0330 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/07/25 15:53:46.0424 sptd (a199171385be17973fd800fa91f8f78a) C:\Windows\system32\Drivers\sptd.sys 2011/07/25 15:53:46.0424 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a 2011/07/25 15:53:46.0424 sptd - detected Locked file (1) 2011/07/25 15:53:46.0471 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 2011/07/25 15:53:46.0549 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 2011/07/25 15:53:46.0580 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 2011/07/25 15:53:46.0658 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2011/07/25 15:53:46.0720 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/07/25 15:53:46.0767 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/07/25 15:53:46.0798 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/07/25 15:53:46.0845 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/07/25 15:53:46.0908 SynTP (3a2c66f1019fc72dd30b5a8b3570a6a9) C:\Windows\system32\DRIVERS\SynTP.sys 2011/07/25 15:53:47.0048 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2011/07/25 15:53:47.0126 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2011/07/25 15:53:47.0173 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/07/25 15:53:47.0220 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/07/25 15:53:47.0266 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/07/25 15:53:47.0313 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/07/25 15:53:47.0360 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/07/25 15:53:47.0469 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/07/25 15:53:47.0516 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/07/25 15:53:47.0578 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/07/25 15:53:47.0625 tvtumon (3385d48304443d0ee42af5dbf89634b6) C:\Windows\system32\DRIVERS\tvtumon.sys 2011/07/25 15:53:47.0672 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/07/25 15:53:47.0734 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/07/25 15:53:47.0812 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/07/25 15:53:47.0844 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/07/25 15:53:47.0906 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/07/25 15:53:47.0968 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/07/25 15:53:48.0015 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/07/25 15:53:48.0124 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/07/25 15:53:48.0156 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/07/25 15:53:48.0234 USBCM (d21cde1c635bcc5053463579eee453cf) C:\Windows\system32\DRIVERS\Sacm2K.sys 2011/07/25 15:53:48.0280 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/07/25 15:53:48.0343 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/07/25 15:53:48.0390 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/07/25 15:53:48.0436 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/07/25 15:53:48.0483 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/07/25 15:53:48.0530 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/07/25 15:53:48.0561 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/07/25 15:53:48.0608 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/07/25 15:53:48.0655 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\Windows\system32\DRIVERS\VClone.sys 2011/07/25 15:53:48.0717 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/07/25 15:53:48.0748 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/07/25 15:53:48.0811 vhidmini (8e969805420e8a28822d539327ce8fff) C:\Windows\system32\DRIVERS\ITEhidCIR.sys 2011/07/25 15:53:48.0842 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/07/25 15:53:48.0904 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/07/25 15:53:48.0951 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/07/25 15:53:48.0982 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/07/25 15:53:49.0045 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/07/25 15:53:49.0092 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/07/25 15:53:49.0154 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/07/25 15:53:49.0216 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/07/25 15:53:49.0263 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/25 15:53:49.0279 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/25 15:53:49.0341 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/07/25 15:53:49.0404 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/07/25 15:53:49.0466 Wdkbdmou (c7d64b97b0667f5a0e489b3f85ba02f2) C:\Windows\system32\DRIVERS\Wdkbdmou.sys 2011/07/25 15:53:49.0497 wdmirror (e4dc54e432e479a15c56de6cbc85a154) C:\Windows\system32\DRIVERS\WDMirror.sys 2011/07/25 15:53:49.0591 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys 2011/07/25 15:53:49.0700 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys 2011/07/25 15:53:49.0762 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 2011/07/25 15:53:49.0840 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/07/25 15:53:49.0872 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/07/25 15:53:49.0965 WSVD (5d0a08ebf9660e07865907fb1ab022b5) C:\Windows\system32\drivers\WSVD.sys 2011/07/25 15:53:50.0043 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/07/25 15:53:50.0121 ================================================================================ 2011/07/25 15:53:50.0121 Scan finished 2011/07/25 15:53:50.0121 ================================================================================ 2011/07/25 15:53:50.0137 Detected object count: 1 2011/07/25 15:54:15.0549 Locked file(sptd) - User select action: Skip [/log] wielkie dzięki za pomoc
wirusolog komentarz 25 lipca 2011 komentarz 25 lipca 2011 Gdzie raport z usuwania OTL'em? TDSSKiller wykrył jedynie [b]sptd[/b] który został zmodyfikowany przez jakiś program emulujący napędy.
Zamotasupuany komentarz 25 lipca 2011 Autor komentarz 25 lipca 2011 (edytowane) nie mam raportu z usuwania OTL'em (nie ma go w miejscu, gdzie mam program), przeskanowałem jeszcze raz i wrzucam loga: [log]OTL logfile created on: 2011-07-25 17:18:06 - Run 2 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Zamotasupuany\Desktop\Ochrona Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,00% Memory free 6,19 Gb Paging File | 4,99 Gb Available in Paging File | 80,60% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 254,15 Gb Total Space | 105,95 Gb Free Space | 41,69% Space Free | Partition Type: NTFS Drive D: | 29,19 Gb Total Space | 27,19 Gb Free Space | 93,16% Space Free | Partition Type: NTFS Computer Name: ZAMOTASUPUANYPC | User Name: Zamotasupuany | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\Ochrona\OTL.exe PRC - [2011-06-30 10:37:27 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2011-06-30 10:37:05 | 002,554,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2011-06-28 16:56:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011-06-26 21:13:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-04-28 18:11:13 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-11-28 14:28:23 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe PRC - [2010-11-13 14:57:24 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe PRC - [2010-11-04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-11-02 16:44:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-09-22 12:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010-09-21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010-09-21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2010-08-17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009-06-15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-04-11 08:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 08:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-01-15 19:32:59 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008-09-27 20:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe PRC - [2008-08-26 21:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe PRC - [2008-08-12 02:14:32 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe PRC - [2008-07-03 11:29:48 | 000,098,304 | R--- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe PRC - [2008-06-11 12:16:11 | 001,454,080 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe PRC - [2008-06-06 00:40:40 | 000,102,400 | R--- | M] () -- C:\Program Files\ATK Hotkey\LOSD.exe PRC - [2008-05-29 10:29:45 | 000,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2008-05-29 10:29:39 | 001,111,336 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2008-05-22 02:56:32 | 005,207,880 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe PRC - [2008-05-22 02:52:34 | 008,824,648 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe PRC - [2008-05-10 03:55:24 | 002,555,904 | R--- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe PRC - [2008-02-14 22:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe PRC - [2008-01-23 19:51:28 | 000,151,552 | R--- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe PRC - [2008-01-21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 04:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe PRC - [2008-01-21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008-01-21 04:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe PRC - [2007-11-05 04:48:06 | 000,106,496 | R--- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe PRC - [2007-10-03 06:53:00 | 000,094,208 | R--- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe PRC - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\Ochrona\OTL.exe MOD - [2011-06-30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll MOD - [2011-04-12 18:07:38 | 000,892,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-12-20 18:35:04 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2010-10-15 15:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 16:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2008-01-21 04:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 04:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 04:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 04:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 04:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 04:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2006-11-02 11:46:04 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fltLib.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-06-30 10:37:27 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2011-06-28 16:56:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011-04-28 18:11:13 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-09-27 20:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor) SRV - [2008-08-26 21:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins) SRV - [2008-02-14 22:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) [Auto | Start_Pending] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter) SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (PS_MDP) SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (IncSvc) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007-10-03 06:53:00 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-06-30 10:37:56 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect) DRV - [2011-06-30 10:37:55 | 000,036,568 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2011-06-30 10:37:54 | 000,238,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2011-06-28 16:56:04 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011-06-28 16:56:04 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010-09-25 11:36:56 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-11-02 09:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009-09-20 11:29:48 | 000,049,472 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\funfrm.sys -- (funfrm) DRV - [2009-05-19 06:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC) DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009-01-15 19:32:59 | 007,699,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-09-05 19:50:19 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008-08-29 03:39:08 | 000,048,192 | ---- | M] (Lenovo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-06-25 00:55:12 | 000,047,104 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2008-06-13 21:23:12 | 000,008,832 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror) DRV - [2008-06-13 21:22:02 | 000,008,832 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Wdkbdmou.sys -- (Wdkbdmou) DRV - [2008-06-11 12:23:11 | 001,097,856 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2008-05-23 02:08:28 | 001,747,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008-04-28 00:29:25 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Sterownik karty Intel(R) DRV - [2008-01-24 19:08:34 | 000,010,880 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ITEhidCIR.sys -- (vhidmini) DRV - [2008-01-10 19:59:08 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD) DRV - [2007-07-30 20:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007-07-30 19:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007-05-24 01:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2006-12-14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2004-06-10 10:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sacm2K.sys -- (USBCM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Allegro" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Users\Zamotasupuany\Downloads\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Zamotasupuany\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zamotasupuany\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zamotasupuany\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-04-19 21:47:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-26 21:13:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-29 20:41:24 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-04-19 21:47:35 | 000,000,000 | ---D | M] [2010-12-30 16:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Extensions [2011-07-02 07:30:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions [2010-08-20 17:53:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-05-03 17:45:03 | 000,004,140 | ---- | M] () -- C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default\searchplugins\youtube.xml [2011-06-16 18:46:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-06-03 15:59:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-08-17 06:53:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-11-10 23:35:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-01-15 11:45:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-02-20 22:24:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-06-16 18:46:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\ZAMOTASUPUANY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P881FOPR.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011-06-26 21:13:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2010-09-14 14:41:12 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml [2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1 10.1.1.1 O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Zamotasupuany\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Users\Zamotasupuany\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011-07-03 10:57:30 | 000,110,386 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{58ae1c09-68fb-11e0-a81b-90e6ba15fcd2}\Shell - "" = AutoRun O33 - MountPoints2\{58ae1c09-68fb-11e0-a81b-90e6ba15fcd2}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{c65a941b-5711-11e0-a57d-90e6ba15fcd2}\Shell - "" = AutoRun O33 - MountPoints2\{c65a941b-5711-11e0-a57d-90e6ba15fcd2}\Shell\AutoRun\command - "" = F:\setup.exe /autorun O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe - (Broadcom Corporation.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]AdobeUpdater[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) MsConfig - StartUpReg: [b]Readycomm[/b] - hkey= - key= - C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited) MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) MsConfig - StartUpReg: [b]Skytel[/b] - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) MsConfig - StartUpReg: [b]VeriFaceManager[/b] - hkey= - key= - C:\Program Files\Lenovo\VeriFaceIII\PManage.exe () MsConfig - StartUpReg: [b]VirtualCloneDrive[/b] - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) MsConfig - State: "bootini" - 2 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-07-25 15:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\tdsskiller [2011-07-25 15:19:14 | 000,000,000 | ---D | C] -- C:\_OTL [2011-07-24 14:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-07-24 14:45:12 | 000,000,000 | ---D | C] -- C:\rsit [2011-07-24 13:39:33 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Desktop\muzyka od izy stasikowskiej [2011-07-24 11:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\HijackThis [2011-07-24 10:08:25 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\My NPS Files [2011-07-24 10:07:25 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\My Art [2011-07-23 21:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K11 [2011-07-23 11:26:26 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\Miuosh-Piata_Strona_Swiata-WEB-PL-2011 [2011-07-03 12:28:53 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\imieniny babci [2011-06-25 19:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\autostitch [2011-06-20 17:37:31 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\{F9796FA1-8F59-4F22-84FD-D79B08D54776} [2011-06-19 22:33:17 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\{2C6E3E19-742B-482B-B9C3-9864917ACEFE} [2011-06-19 21:38:51 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\The Witcher 2 [2011-06-16 18:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-06-16 18:46:24 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011-06-16 18:46:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011-06-16 18:46:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011-06-08 21:37:33 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\wykłady [2011-06-06 20:00:04 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\MaxFloRec - Podaj Dalej (2009) [2011-06-06 19:48:45 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\Fokus-Prewersje-CD-PL-2011-211 [2011-05-31 19:14:55 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Roaming\Nokia [2011-05-31 19:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite [2011-05-31 19:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite [2011-05-31 19:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2011-05-31 19:09:27 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys [2011-05-31 19:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2011-05-31 19:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations [2010-03-27 10:58:56 | 000,015,429 | ---- | C] ( ) -- C:\Windows\System32\drivers\Sacm2K.sys [2009-09-20 10:46:14 | 000,229,376 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll [1 C:\Users\Zamotasupuany\AppData\Local\*.tmp files -> C:\Users\Zamotasupuany\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-07-25 17:09:49 | 000,043,319 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-07-25 17:09:46 | 000,043,319 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-07-25 17:09:35 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo [2011-07-25 17:09:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-07-25 17:09:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-07-25 17:09:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-07-25 16:07:37 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-07-24 20:32:47 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-07-24 20:32:47 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-07-24 20:32:47 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-07-24 20:32:47 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-07-24 13:46:14 | 000,169,472 | ---- | M] () -- C:\Users\Zamotasupuany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-23 09:55:08 | 005,709,006 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\Jan Kyks Skrzek - O mój Śląsku pobrano z www.DjOles.pl.mp3 [2011-07-21 17:45:09 | 000,006,763 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\hh plzagr.m3u [2011-07-17 15:55:39 | 000,045,362 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\cc_20110717_155534.reg [2011-07-17 08:27:13 | 000,390,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-07-16 21:13:31 | 000,002,082 | ---- | M] () -- C:\Users\Zamotasupuany\Desktop\Google Chrome.lnk [2011-07-06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011-06-30 10:37:56 | 000,082,400 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys [2011-06-30 10:37:55 | 000,036,568 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys [2011-06-30 10:37:54 | 000,238,960 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdGuard.sys [2011-06-30 10:37:53 | 000,019,088 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys [2011-06-30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll [2011-06-28 16:56:04 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011-06-28 16:56:04 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011-06-17 06:29:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011-06-01 21:24:23 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [1 C:\Users\Zamotasupuany\AppData\Local\*.tmp files -> C:\Users\Zamotasupuany\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-07-23 09:55:08 | 005,709,006 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\Jan Kyks Skrzek - O mój Śląsku pobrano z www.DjOles.pl.mp3 [2011-07-21 17:45:08 | 000,006,763 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\hh plzagr.m3u [2011-07-17 15:55:36 | 000,045,362 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\cc_20110717_155534.reg [2011-06-19 22:30:13 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2011-06-01 21:24:23 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-05-07 17:56:16 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011-05-07 17:56:16 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011-01-06 10:07:03 | 000,000,680 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Local\d3d9caps.dat [2010-12-27 18:41:15 | 000,000,245 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Roaming\burnaware.ini [2010-08-21 12:24:15 | 008,676,883 | ---- | C] () -- C:\Windows\System32\NCMedia2.dll [2010-08-21 12:24:15 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-08-20 20:55:49 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2010-08-08 14:31:49 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini [2010-08-08 14:26:53 | 000,000,016 | ---- | C] () -- C:\Windows\system87sG.dat [2010-04-19 21:44:00 | 000,175,068 | ---- | C] () -- C:\Windows\hpoins28.dat.temp [2010-04-19 21:44:00 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp [2010-04-19 18:34:08 | 000,177,422 | ---- | C] () -- C:\Windows\hpoins28.dat [2010-04-19 18:34:08 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat [2010-03-27 11:32:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010-03-27 11:32:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010-03-27 10:58:56 | 000,135,168 | ---- | C] () -- C:\Windows\UNDPX2K.exe [2010-03-27 10:58:56 | 000,053,693 | ---- | C] () -- C:\Windows\UNDPX2K.sys [2010-03-24 20:27:50 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-03-24 19:34:22 | 000,169,472 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-20 12:04:24 | 000,043,319 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009-09-20 11:47:04 | 009,338,880 | ---- | C] () -- C:\Windows\System32\Facev.dll [2009-09-20 11:47:04 | 000,208,896 | ---- | C] () -- C:\Windows\System32\image.dll [2009-09-20 11:47:03 | 000,655,360 | ---- | C] () -- C:\Windows\System32\EncIcons.dll [2009-09-20 11:47:03 | 000,241,752 | ---- | C] () -- C:\Windows\System32\IcnOvrly.dll [2009-09-20 11:47:03 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FunFrm.dll [2009-09-20 11:47:02 | 009,502,720 | ---- | C] () -- C:\Windows\System32\FaceVerify.dll [2009-09-20 11:47:02 | 001,974,272 | ---- | C] () -- C:\Windows\System32\Imagereog.dll [2009-09-20 11:47:02 | 001,564,672 | ---- | C] () -- C:\Windows\System32\MainOp.dll [2009-09-20 11:47:02 | 001,163,264 | ---- | C] () -- C:\Windows\System32\PicNotify.dll [2009-09-20 11:47:02 | 000,507,904 | ---- | C] () -- C:\Windows\System32\SimpleExt.dll [2009-09-20 11:47:02 | 000,442,368 | ---- | C] () -- C:\Windows\System32\Apblend.dll [2009-09-20 11:47:02 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SetDev.dll [2009-09-20 11:47:02 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll [2009-09-20 11:47:02 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll [2009-09-20 11:47:02 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll [2009-09-20 11:41:03 | 000,043,319 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009-09-20 11:29:50 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll [2009-09-20 11:29:50 | 000,049,472 | ---- | C] () -- C:\Windows\System32\drivers\funfrm.sys [2009-09-20 11:29:46 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll [2009-09-20 10:46:13 | 001,747,200 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2009-09-20 10:46:13 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2009-09-20 10:25:37 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009-09-20 09:53:30 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009-09-20 09:33:44 | 000,662,056 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2009-09-20 09:33:44 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2009-09-20 09:33:44 | 000,126,908 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2009-09-20 09:33:44 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2009-07-20 20:17:58 | 000,122,880 | ---- | C] () -- C:\Windows\System32\AitVirtualComInstall.exe [2009-07-20 20:10:48 | 000,307,200 | ---- | C] () -- C:\Windows\System32\InstallVCOM.exe [2009-03-03 11:05:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008-08-26 21:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll [2008-06-13 21:22:02 | 000,008,832 | ---- | C] () -- C:\Windows\System32\drivers\Wdkbdmou.sys [2008-05-04 17:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll [2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007-04-16 12:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin [2006-12-04 01:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll [2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 14:47:37 | 000,390,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001-11-14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-04-06 19:41:49 | 000,000,000 | -HSD | M] -- C:\Users\Zamotasupuany\AppData\Roaming\.# [2010-03-28 08:55:19 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Ashampoo [2010-11-06 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\avidemux [2011-07-24 21:44:22 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\BitTorrent [2011-05-19 21:46:03 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Broad Intelligence [2011-03-25 21:11:45 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\DAEMON Tools Lite [2011-03-16 21:24:54 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\FreshDiagnose [2010-05-10 19:13:14 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Gadu-Gadu [2010-11-12 11:07:02 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\IrfanView [2011-03-25 21:33:19 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Leadertech [2010-03-24 16:48:38 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Lenovo [2011-05-31 19:27:00 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Nokia [2010-05-02 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\OfficeRecovery [2010-10-16 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\PC Suite [2011-07-24 12:06:41 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Samsung [2011-01-23 13:41:00 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\SharePod [2010-10-20 17:56:04 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Windows Live Writer [2011-07-25 16:07:37 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2011-07-03 10:57:30 | 000,110,386 | ---- | M] () -- C:\AutoMapaSetupLog.txt [2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008-02-03 23:34:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2011-07-25 17:09:31 | 003,096,353 | ---- | M] () -- C:\FaceProv.log [2010-05-03 16:21:05 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt [2011-07-25 17:09:13 | 3531,718,656 | -HS- | M] () -- C:\pagefile.sys [2009-09-20 10:44:47 | 000,000,780 | ---- | M] () -- C:\RHDSetup.log [2011-07-25 17:11:15 | 003,209,614 | ---- | M] () -- C:\sysiclog.txt [2011-07-20 17:24:41 | 020,117,316 | ---- | M] () -- C:\sysiclog.txt.bak [2011-07-25 16:00:26 | 000,064,692 | ---- | M] () -- C:\TDSSKiller.2.4.1.3_25.07.2011_15.52.44_log.txt [2011-07-25 17:09:35 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008-01-21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < End of report > [/log]
wirusolog komentarz 25 lipca 2011 komentarz 25 lipca 2011 Wszystko zostało wyeliminowane i log wydaje się być czysty. [hr] [b]1.[/b] Uruchom OTL i wciśnij [b]Sprzątanie[/b]. [b]2.[/b] Aktualizacja: [quote] "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2 "{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Mozilla Firefox 5.0 (x86 pl)" = Mozilla Firefox 5.0 (x86 pl)[/quote] [list] [*]Wersję Readerów 8.1.2 i 8.2.0 zastąp [url="http://get.adobe.com/reader/"][color="#0000FF"][b]Adobe Reader X (10.1)[/b][/color][/url] (nie zaznaczaj montażu sponsorów). [*]Napisz mi, jaką masz wersję Adobe Flash Player'a i Shockwave bo nie jest tutaj dokładna notka. [*]Liska zaaktualizuj do wersji [url=http://www.mozilla.com/pl/firefox/][b][color=blue][u]5.01[/url][/b][/color][/u][/list] [b]3.[/b] Do wyczyszczenia punkty przywracania systemu: [url=http://www.searchengines.pl/Czyszczenie-punktow-przywracania-systemu-t141981.html][b][color="#0000FF"][u]LINK[/url][/b][/color][/u] [b]4.[/b] Zalecam [b]pełne skanowanie[/b] [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/url][/b][/color][/u] (po instalacji zaaktualizuj ręczne baze wirusów, usuń to co znajdzie i wklej raport końcowy). [b]5.[/b] Przeskanuj też cały system za pomocą [url=http://www.hotfix.pl/instrukcja-uzytkowania-dr-web-cureit--a193.htm][b][color=blue][u]Dr.Web CureIt![/url][/b][/color][/u] 1
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.