x-kom hosting

Prośba o sprawdzenie logów

Zamotasupuany
utworzono
utworzono (edytowane)

Witam. Od pewnego czasu komp wyraźnie zwolnił. Dość często pojawia się komunikat "program nie odpowiada" - trwa to do 30 sekund i wraca do normy. Generalnie coś mu jest. Z góry dzięki za rzucenie okiem na logi

OTL

[log]OTL logfile created on: 2011-07-24 14:42:52 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Zamotasupuany\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 55,19% Memory free
6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 254,15 Gb Total Space | 105,75 Gb Free Space | 41,61% Space Free | Partition Type: NTFS
Drive D: | 29,19 Gb Total Space | 27,19 Gb Free Space | 93,16% Space Free | Partition Type: NTFS

Computer Name: ZAMOTASUPUANYPC | User Name: Zamotasupuany | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\OTL.exe
PRC - [2011-06-30 10:37:27 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011-06-30 10:37:05 | 002,554,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011-06-28 16:56:02 | 000,484,008 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe
PRC - [2011-06-28 16:56:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-06-26 21:13:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-04-28 18:11:13 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-11-04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2010-11-02 16:44:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-09-22 12:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010-09-21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010-09-21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010-08-17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-06-15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 08:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe
PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-01-15 19:32:59 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2008-09-27 20:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
PRC - [2008-08-26 21:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2008-08-12 02:14:32 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2008-07-03 11:29:48 | 000,098,304 | R--- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
PRC - [2008-06-11 12:16:11 | 001,454,080 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2008-06-06 00:40:40 | 000,102,400 | R--- | M] () -- C:\Program Files\ATK Hotkey\LOSD.exe
PRC - [2008-05-29 10:29:45 | 000,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008-05-29 10:29:39 | 001,111,336 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008-05-22 02:56:32 | 005,207,880 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2008-05-22 02:52:34 | 008,824,648 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2008-05-10 03:55:24 | 002,555,904 | R--- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2008-02-14 22:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
PRC - [2008-01-23 19:51:28 | 000,151,552 | R--- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008-01-21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-21 04:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe
PRC - [2008-01-21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-21 04:23:32 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2008-01-21 04:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2007-11-05 04:48:06 | 000,106,496 | R--- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007-10-03 06:53:00 | 000,094,208 | R--- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\OTL.exe
MOD - [2011-06-30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
MOD - [2011-04-12 18:07:38 | 000,892,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-12-20 18:35:04 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2010-10-15 15:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 16:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2008-01-21 04:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-21 04:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-21 04:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-01-21 04:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-21 04:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-21 04:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006-11-02 11:46:04 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fltLib.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011-06-30 10:37:27 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011-06-28 16:56:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011-04-28 18:11:13 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-09-27 20:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor)
SRV - [2008-08-26 21:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008-02-14 22:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) [Auto | Start_Pending] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter)
SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (PS_MDP)
SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (IncSvc)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-10-03 06:53:00 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-06-30 10:37:56 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011-06-30 10:37:55 | 000,036,568 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011-06-30 10:37:54 | 000,238,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011-06-28 16:56:04 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011-06-28 16:56:04 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-09-25 11:36:56 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-02 09:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-09-20 11:29:48 | 000,049,472 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\funfrm.sys -- (funfrm)
DRV - [2009-05-19 06:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009-01-15 19:32:59 | 007,699,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008-09-05 19:50:19 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008-08-29 03:39:08 | 000,048,192 | ---- | M] (Lenovo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-06-25 00:55:12 | 000,047,104 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008-06-13 21:23:12 | 000,008,832 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2008-06-13 21:22:02 | 000,008,832 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Wdkbdmou.sys -- (Wdkbdmou)
DRV - [2008-06-11 12:23:11 | 001,097,856 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2008-05-23 02:08:28 | 001,747,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008-04-28 00:29:25 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Sterownik karty Intel(R)
DRV - [2008-01-24 19:08:34 | 000,010,880 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ITEhidCIR.sys -- (vhidmini)
DRV - [2008-01-10 19:59:08 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)
DRV - [2007-07-30 20:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007-07-30 19:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007-05-24 01:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006-12-14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2004-06-10 10:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sacm2K.sys -- (USBCM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Users\Zamotasupuany\Downloads\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Zamotasupuany\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zamotasupuany\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zamotasupuany\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-04-19 21:47:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-26 21:13:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-29 20:41:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-04-19 21:47:35 | 000,000,000 | ---D | M]

[2010-12-30 16:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Extensions
[2011-07-02 07:30:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions
[2010-08-20 17:53:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-12-30 16:26:05 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2011-05-03 17:45:03 | 000,004,140 | ---- | M] () -- C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default\searchplugins\youtube.xml
[2011-06-16 18:46:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-03 15:59:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-17 06:53:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-10 23:35:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-01-15 11:45:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-02-20 22:24:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-16 18:46:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\ZAMOTASUPUANY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P881FOPR.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011-06-26 21:13:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-09-14 14:41:12 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1 10.1.1.1
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Zamotasupuany\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Zamotasupuany\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-07-03 10:57:30 | 000,110,386 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{58ae1c09-68fb-11e0-a81b-90e6ba15fcd2}\Shell - "" = AutoRun
O33 - MountPoints2\{58ae1c09-68fb-11e0-a81b-90e6ba15fcd2}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{c65a941b-5711-11e0-a57d-90e6ba15fcd2}\Shell - "" = AutoRun
O33 - MountPoints2\{c65a941b-5711-11e0-a57d-90e6ba15fcd2}\Shell\AutoRun\command - "" = F:\setup.exe /autorun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AdobeUpdater[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]AutoStartNPSAgent[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]Readycomm[/b] - hkey= - key= - C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited)
MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: [b]Skytel[/b] - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: [b]Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0}[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]VeriFaceManager[/b] - hkey= - key= - C:\Program Files\Lenovo\VeriFaceIII\PManage.exe ()
MsConfig - StartUpReg: [b]VirtualCloneDrive[/b] - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig - State: "bootini" - 2
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-07-24 14:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-07-24 14:40:36 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\OTL.exe
[2011-07-24 13:39:33 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Desktop\muzyka od izy stasikowskiej
[2011-07-24 11:26:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2011-07-24 11:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\HijackThis
[2011-07-24 10:08:25 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\My NPS Files
[2011-07-24 10:07:25 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\My Art
[2011-07-23 21:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K11
[2011-07-23 11:26:26 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\Miuosh-Piata_Strona_Swiata-WEB-PL-2011
[2011-07-16 21:10:32 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011-07-16 21:10:09 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011-07-16 21:10:09 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011-07-03 12:28:53 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\imieniny babci
[2011-06-25 19:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\autostitch
[2011-06-20 17:37:31 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\{F9796FA1-8F59-4F22-84FD-D79B08D54776}
[2011-06-19 22:33:17 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\{2C6E3E19-742B-482B-B9C3-9864917ACEFE}
[2011-06-19 21:38:51 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\The Witcher 2
[2011-06-19 21:38:35 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2011-06-19 21:38:35 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2011-06-19 21:38:35 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2011-06-19 21:38:35 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2011-06-19 21:38:35 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2011-06-19 21:38:35 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2011-06-19 21:38:34 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2011-06-19 21:38:34 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2011-06-19 21:38:34 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2011-06-19 21:38:34 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2011-06-19 21:38:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2011-06-19 21:38:34 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011-06-19 21:38:33 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2011-06-19 21:38:33 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2011-06-19 21:38:33 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2011-06-19 21:38:32 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2011-06-19 21:38:32 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2011-06-19 21:38:29 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2011-06-19 21:38:29 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2011-06-19 21:38:28 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011-06-19 21:38:28 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2011-06-19 21:38:28 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011-06-19 21:38:28 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2011-06-19 21:38:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2011-06-16 20:55:06 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-06-16 20:55:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011-06-16 20:55:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011-06-16 20:55:04 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011-06-16 18:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011-06-16 18:46:24 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011-06-16 18:46:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011-06-16 18:46:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011-06-08 21:37:33 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\wykłady
[2011-06-06 20:00:04 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\MaxFloRec - Podaj Dalej (2009)
[2011-06-06 19:48:45 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\Fokus-Prewersje-CD-PL-2011-211
[2011-06-01 21:24:27 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011-06-01 21:24:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011-06-01 21:24:26 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011-06-01 21:24:25 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011-06-01 21:24:25 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011-06-01 21:24:24 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011-06-01 21:24:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011-06-01 21:24:23 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011-06-01 21:24:23 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011-06-01 21:24:23 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011-06-01 21:24:23 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011-06-01 21:24:23 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011-06-01 21:24:23 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011-06-01 21:24:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011-06-01 21:24:23 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011-06-01 21:24:22 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011-06-01 21:24:22 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011-06-01 21:24:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011-06-01 21:24:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011-06-01 21:24:22 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011-06-01 21:24:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011-06-01 21:24:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011-06-01 21:24:21 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011-06-01 21:24:21 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011-06-01 21:24:20 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011-06-01 21:24:20 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011-06-01 21:24:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011-06-01 21:24:20 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011-06-01 21:24:20 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011-06-01 21:24:19 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011-06-01 21:24:19 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011-06-01 21:24:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011-06-01 21:24:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011-06-01 21:24:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011-06-01 21:24:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011-05-31 19:14:55 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Roaming\Nokia
[2011-05-31 19:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
[2011-05-31 19:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2011-05-31 19:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011-05-31 19:09:27 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2011-05-31 19:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011-05-31 19:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2010-03-27 10:58:56 | 000,015,429 | ---- | C] ( ) -- C:\Windows\System32\drivers\Sacm2K.sys
[2009-09-20 10:46:14 | 000,229,376 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[1 C:\Users\Zamotasupuany\AppData\Local\*.tmp files -> C:\Users\Zamotasupuany\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-07-24 14:44:51 | 000,781,383 | ---- | M] () -- C:\Users\Zamotasupuany\Desktop\RSIT.exe
[2011-07-24 14:43:04 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\OTL.exe
[2011-07-24 14:22:58 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-07-24 14:22:58 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-07-24 14:22:58 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-07-24 14:22:58 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-07-24 14:13:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-07-24 14:13:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-07-24 14:12:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004UA.job
[2011-07-24 13:46:14 | 000,169,472 | ---- | M] () -- C:\Users\Zamotasupuany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-24 13:39:30 | 000,043,319 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011-07-24 12:13:53 | 000,043,319 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011-07-24 12:13:38 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo
[2011-07-24 12:13:31 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-07-24 12:13:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-07-24 12:12:13 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011-07-23 15:12:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004Core.job
[2011-07-23 09:55:08 | 005,709,006 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\Jan Kyks Skrzek - O mój Śląsku pobrano z www.DjOles.pl.mp3
[2011-07-21 17:45:09 | 000,006,763 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\hh plzagr.m3u
[2011-07-17 15:55:39 | 000,045,362 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\cc_20110717_155534.reg
[2011-07-17 08:27:13 | 000,390,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-07-16 21:13:31 | 000,002,082 | ---- | M] () -- C:\Users\Zamotasupuany\Desktop\Google Chrome.lnk
[2011-07-06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011-06-30 10:37:56 | 000,082,400 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2011-06-30 10:37:55 | 000,036,568 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2011-06-30 10:37:54 | 000,238,960 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdGuard.sys
[2011-06-30 10:37:53 | 000,019,088 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys
[2011-06-30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
[2011-06-28 16:56:04 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011-06-28 16:56:04 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011-06-17 06:29:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011-06-02 15:34:49 | 002,043,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011-06-01 21:24:42 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011-06-01 21:24:42 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011-06-01 21:24:27 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011-06-01 21:24:27 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011-06-01 21:24:26 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011-06-01 21:24:25 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011-06-01 21:24:25 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011-06-01 21:24:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011-06-01 21:24:24 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011-06-01 21:24:23 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011-06-01 21:24:23 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011-06-01 21:24:23 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011-06-01 21:24:23 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011-06-01 21:24:23 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011-06-01 21:24:23 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011-06-01 21:24:23 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011-06-01 21:24:23 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011-06-01 21:24:23 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011-06-01 21:24:22 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011-06-01 21:24:22 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011-06-01 21:24:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011-06-01 21:24:22 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011-06-01 21:24:22 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011-06-01 21:24:22 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011-06-01 21:24:22 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011-06-01 21:24:21 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011-06-01 21:24:21 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011-06-01 21:24:20 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011-06-01 21:24:20 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011-06-01 21:24:20 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011-06-01 21:24:20 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011-06-01 21:24:20 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011-06-01 21:24:19 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011-06-01 21:24:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011-06-01 21:24:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011-06-01 21:24:19 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011-06-01 21:24:19 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011-06-01 21:24:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011-05-25 18:33:48 | 001,693,603 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\tango wesele.mp3
[2011-05-25 18:21:28 | 002,193,063 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\Carlos Gardel - Tango (Scent of woman soundtrack)[wyszukiwarkamp3.i50.pl].mp3
[1 C:\Users\Zamotasupuany\AppData\Local\*.tmp files -> C:\Users\Zamotasupuany\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-07-24 14:44:46 | 000,781,383 | ---- | C] () -- C:\Users\Zamotasupuany\Desktop\RSIT.exe
[2011-07-23 09:55:08 | 005,709,006 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\Jan Kyks Skrzek - O mój Śląsku pobrano z www.DjOles.pl.mp3
[2011-07-21 17:45:08 | 000,006,763 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\hh plzagr.m3u
[2011-07-17 15:55:36 | 000,045,362 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\cc_20110717_155534.reg
[2011-06-19 22:30:13 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011-06-01 21:24:23 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011-05-25 18:33:45 | 001,693,603 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\tango wesele.mp3
[2011-05-25 18:22:07 | 002,193,063 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\Carlos Gardel - Tango (Scent of woman soundtrack)[wyszukiwarkamp3.i50.pl].mp3
[2011-05-07 17:56:16 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011-05-07 17:56:16 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011-01-06 10:07:03 | 000,000,680 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Local\d3d9caps.dat
[2010-12-27 18:41:15 | 000,000,245 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Roaming\burnaware.ini
[2010-08-21 12:24:15 | 008,676,883 | ---- | C] () -- C:\Windows\System32\NCMedia2.dll
[2010-08-21 12:24:15 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010-08-20 20:55:49 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2010-08-08 14:31:49 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini
[2010-08-08 14:26:53 | 000,000,016 | ---- | C] () -- C:\Windows\system87sG.dat
[2010-04-19 21:44:00 | 000,175,068 | ---- | C] () -- C:\Windows\hpoins28.dat.temp
[2010-04-19 21:44:00 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp
[2010-04-19 18:34:08 | 000,177,422 | ---- | C] () -- C:\Windows\hpoins28.dat
[2010-04-19 18:34:08 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2010-03-27 11:32:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010-03-27 11:32:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010-03-27 10:58:56 | 000,135,168 | ---- | C] () -- C:\Windows\UNDPX2K.exe
[2010-03-27 10:58:56 | 000,053,693 | ---- | C] () -- C:\Windows\UNDPX2K.sys
[2010-03-24 20:27:50 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010-03-24 19:34:22 | 000,169,472 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-20 12:04:24 | 000,043,319 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009-09-20 11:47:04 | 009,338,880 | ---- | C] () -- C:\Windows\System32\Facev.dll
[2009-09-20 11:47:04 | 000,208,896 | ---- | C] () -- C:\Windows\System32\image.dll
[2009-09-20 11:47:03 | 000,655,360 | ---- | C] () -- C:\Windows\System32\EncIcons.dll
[2009-09-20 11:47:03 | 000,241,752 | ---- | C] () -- C:\Windows\System32\IcnOvrly.dll
[2009-09-20 11:47:03 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FunFrm.dll
[2009-09-20 11:47:02 | 009,502,720 | ---- | C] () -- C:\Windows\System32\FaceVerify.dll
[2009-09-20 11:47:02 | 001,974,272 | ---- | C] () -- C:\Windows\System32\Imagereog.dll
[2009-09-20 11:47:02 | 001,564,672 | ---- | C] () -- C:\Windows\System32\MainOp.dll
[2009-09-20 11:47:02 | 001,163,264 | ---- | C] () -- C:\Windows\System32\PicNotify.dll
[2009-09-20 11:47:02 | 000,507,904 | ---- | C] () -- C:\Windows\System32\SimpleExt.dll
[2009-09-20 11:47:02 | 000,442,368 | ---- | C] () -- C:\Windows\System32\Apblend.dll
[2009-09-20 11:47:02 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SetDev.dll
[2009-09-20 11:47:02 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll
[2009-09-20 11:47:02 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll
[2009-09-20 11:47:02 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll
[2009-09-20 11:41:03 | 000,043,319 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009-09-20 11:29:50 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll
[2009-09-20 11:29:50 | 000,049,472 | ---- | C] () -- C:\Windows\System32\drivers\funfrm.sys
[2009-09-20 11:29:46 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll
[2009-09-20 10:46:13 | 001,747,200 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009-09-20 10:46:13 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009-09-20 10:25:37 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009-09-20 09:53:30 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009-09-20 09:33:44 | 000,662,056 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009-09-20 09:33:44 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009-09-20 09:33:44 | 000,126,908 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009-09-20 09:33:44 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009-07-20 20:17:58 | 000,122,880 | ---- | C] () -- C:\Windows\System32\AitVirtualComInstall.exe
[2009-07-20 20:10:48 | 000,307,200 | ---- | C] () -- C:\Windows\System32\InstallVCOM.exe
[2009-03-03 11:05:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008-08-26 21:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008-06-13 21:22:02 | 000,008,832 | ---- | C] () -- C:\Windows\System32\drivers\Wdkbdmou.sys
[2008-05-04 17:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007-04-16 12:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006-12-04 01:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll
[2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 14:47:37 | 000,390,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001-11-14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-04-06 19:41:49 | 000,000,000 | -HSD | M] -- C:\Users\Zamotasupuany\AppData\Roaming\.#
[2010-03-28 08:55:19 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Ashampoo
[2010-11-06 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\avidemux
[2011-07-24 11:20:47 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\BitTorrent
[2011-05-19 21:46:03 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Broad Intelligence
[2011-03-25 21:11:45 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\DAEMON Tools Lite
[2011-03-16 21:24:54 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\FreshDiagnose
[2010-05-10 19:13:14 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Gadu-Gadu
[2010-11-12 11:07:02 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\IrfanView
[2011-03-25 21:33:19 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Leadertech
[2010-03-24 16:48:38 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Lenovo
[2011-05-31 19:27:00 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Nokia
[2010-05-02 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\OfficeRecovery
[2010-10-16 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\PC Suite
[2011-07-24 12:06:41 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Samsung
[2011-01-23 13:41:00 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\SharePod
[2010-10-20 17:56:04 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Windows Live Writer
[2011-07-24 12:12:14 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2011-07-03 10:57:30 | 000,110,386 | ---- | M] () -- C:\AutoMapaSetupLog.txt
[2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008-02-03 23:34:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011-07-24 12:13:37 | 003,086,908 | ---- | M] () -- C:\FaceProv.log
[2010-05-03 16:21:05 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2011-07-24 12:13:17 | 3531,718,656 | -HS- | M] () -- C:\pagefile.sys
[2009-09-20 10:44:47 | 000,000,780 | ---- | M] () -- C:\RHDSetup.log
[2011-07-24 14:45:26 | 002,556,111 | ---- | M] () -- C:\sysiclog.txt
[2011-07-20 17:24:41 | 020,117,316 | ---- | M] () -- C:\sysiclog.txt.bak
[2011-07-24 12:13:38 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008-01-21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:3B71D0B4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:CC02DF48

< End of report >

[/log]

[log]OTL Extras logfile created on: 2011-07-24 14:42:52 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Zamotasupuany\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 55,19% Memory free
6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 254,15 Gb Total Space | 105,75 Gb Free Space | 41,61% Space Free | Partition Type: NTFS
Drive D: | 29,19 Gb Total Space | 27,19 Gb Free Space | 93,16% Space Free | Partition Type: NTFS

Computer Name: ZAMOTASUPUANYPC | User Name: Zamotasupuany | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10AD9B54-0482-4B3D-B519-A6A2A814944B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{391C25C6-A35C-4CBC-89CF-9AC316553F8B}" = rport=139 | protocol=6 | dir=out | app=system |
"{3EAF38CA-5D8F-4F6F-BC9B-864D184B661C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{404C6E67-0767-407F-965D-040ACC338B56}" = rport=137 | protocol=17 | dir=out | app=system |
"{5CDAA2D0-4B06-4444-B34C-67859A87DA7A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6131E32B-E808-4FA7-A502-EEAAB603429D}" = lport=137 | protocol=17 | dir=in | app=system |
"{64BBBB5B-3F91-4654-84DC-7B3BF47B4D1B}" = lport=138 | protocol=17 | dir=in | app=system |
"{7AC0EAE3-BCEE-4F5F-B0DC-9A221C8D9DDA}" = lport=139 | protocol=6 | dir=in | app=system |
"{8E17C9F0-4A2F-42EA-9408-8D864B5188CD}" = rport=138 | protocol=17 | dir=out | app=system |
"{C31C2AAC-D599-4A24-92A7-5406BD20112D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D33E29E2-F484-42B5-B95B-2E74E8474FB8}" = rport=445 | protocol=6 | dir=out | app=system |
"{DEFB4B6D-0990-41FA-A9EB-514319506D0A}" = lport=445 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E2C714-6D37-487E-B846-D010B3A32FB2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{033A90B5-1728-4363-8ED2-613F43BCE99C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0444A59E-FDD4-4623-A3DB-9F80416D0985}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{16894A78-0D39-41F6-BCE4-8F4115FC13D2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{1FA197CF-9ECA-497D-8441-B23D73DA0602}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{2410BC97-C947-4A91-99E9-5E879E212E24}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{29AC4365-4390-42A5-823A-9D2D63B1EE68}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{381BE12A-7223-4DB1-BCAD-125C5A431701}" = dir=in | app=c:\program files\lenovo\readycomm\readycomm.exe |
"{3F03BA71-C676-4A17-880B-D1919653AA76}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{43C9D6B8-06EC-4762-92ED-BE171E7936C4}" = dir=out | app=c:\program files\lenovo\readycomm\filereceiver.exe |
"{4DD36E3C-9530-4A46-9157-5A5A18E98A0F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{4E6B256A-8887-464F-A783-A1E7F4453075}" = dir=out | app=c:\windows\system32\igrssvcs.exe |
"{5195545E-902D-4F35-AA5B-C747DF4C1780}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{5539853D-5DB3-453C-B81E-C6B1751CCEB9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{556B126F-0033-4E1F-B4F8-A3E47FACAFBC}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{5F6105A6-67F2-4C88-8C67-C30503247044}" = dir=in | app=c:\windows\system32\igrssvcs.exe |
"{628AE2CD-2DBE-41ED-91BA-8975397A63DF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{65BE4336-054C-4E03-A016-B6AF426F0039}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{738DA78A-8A3E-44E7-B2D8-F4D1291086A4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{7F0AF988-8128-44AD-8298-7A2941F882A9}" = dir=in | app=c:\program files\lenovo\readycomm\filereceiver.exe |
"{7FC7507D-9B31-4A48-99A2-758FDB13E510}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{85BCC107-7D13-4A9E-AC7F-9DC564C8EC7F}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{95C2C3EC-2E35-4010-B71A-338C44AF1FED}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{B2D0EAA9-CD4E-4AA5-A09C-88609B10D881}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B492A495-8F63-4CAB-AEA0-BC6CDA4017E0}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |
"{BF342283-0287-4A35-853D-D9500C2EE3CD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{D0DBE4EE-E1BD-424E-943A-CBEE33FF914D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{D8EA5FDF-55E1-41DA-8A5E-E0499A0D73C9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{DA095DD2-1DD2-4F93-A3E4-C6B60B8CE060}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DB7FFE26-9071-45FB-933A-7510BBB53FBE}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{F39B2C77-1CCA-4DD6-8CA1-B5364C17147D}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{F9A9A8ED-B4C8-47EF-B9B3-2D3467A3052C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = Lenovo Bluetooth with Enhanced Data Rate Software 6.1.0.5100
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{25DDA4EC-DEBF-4297-B4DA-EEEF7FCEBA24}" = Lenovo Screensaver v1.0 for vista x86(en)
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4220_ProductContext
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F89200D-9C19-42F7-A056-640C9D4C158C}" = English Translator XT
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}" = Lenovo System Repair - Windows Update Monitor
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 4.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F32C384-D237-4516-9F2B-223E8963A2FB}" = Lager
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A23E5590-6799-437B-9723-2627BA800B6F}" = Dolby Control Center
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0
"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B39AA98E-C966-46C9-ACA2-D2586E300988}" = WinFlash
"{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4210_Help
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Pakiet sterowników systemu Windows - Nokia Modem (10/07/2010 4.6)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"ALLPlayer_is1" = ALLPlayer V4.X
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.21
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"Defraggler" = Defraggler
"E5372C32E8562C76C24DBA6525002B1031495F34" = Pakiet sterowników systemu Windows - Nokia Modem (06/09/2010 7.01.0.8)
"EasyCapture3.0" = EasyCapture
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Gadu-Gadu" = Gadu-Gadu 7.7
"GOM Player" = GOM Player
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{6F89200D-9C19-42F7-A056-640C9D4C158C}" = English Translator XT
"IrfanView" = IrfanView (remove only)
"Lenovo EasyCamera" = Lenovo EasyCamera
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.1.1800
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 pl)" = Mozilla Firefox 5.0 (x86 pl)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"PITy 2010_is1" = PITy 2010 dla Windows kompilacja:1.2.6.16
"RealPlayer 12.0" = RealPlayer
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SopCast" = SopCast 3.2.9
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VeriFace III" = VeriFace III
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WebSTAR DPX2100 Uninstall" = Scientific Atlanta WebSTAR 2000 series Cable Modem
"Winamp" = Winamp
"WinLiveSuite" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-02-13 14:43:46 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-13 15:20:57 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-14 01:36:41 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-14 10:52:23 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-14 12:52:23 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-14 14:00:30 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-14 16:39:07 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-15 01:30:43 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-15 02:21:11 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

Error - 2011-02-15 13:19:08 | Computer Name = ZamotasupuanyPC | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 2010-05-05 16:45:58 | Computer Name = ZamotasupuanyPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2010-10-26 13:57:00 | Computer Name = ZamotasupuanyPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2010-12-12 10:18:37 | Computer Name = ZamotasupuanyPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 186
seconds with 180 seconds of active time. This session ended with a crash.

Error - 2011-04-27 01:28:49 | Computer Name = ZamotasupuanyPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2011-07-23 14:10:29 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022
Description =

Error - 2011-07-23 14:10:32 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022
Description =

Error - 2011-07-23 14:11:24 | Computer Name = ZamotasupuanyPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2011-07-24 03:21:22 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022
Description =

Error - 2011-07-24 03:21:25 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022
Description =

Error - 2011-07-24 03:22:35 | Computer Name = ZamotasupuanyPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2011-07-24 06:15:27 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022
Description =

Error - 2011-07-24 06:15:30 | Computer Name = ZamotasupuanyPC | Source = Service Control Manager | ID = 7022
Description =

Error - 2011-07-24 06:16:21 | Computer Name = ZamotasupuanyPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2011-07-24 08:14:09 | Computer Name = ZamotasupuanyPC | Source = bowser | ID = 8003
Description =


< End of report >

[/log]

RSIT:

[log]info.txt logfile of random's system information tool 1.09 2011-07-24 14:45:27

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10t_Plugin.exe -maintain plugin
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Reader 8.2.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A82000000003}
Adobe Shockwave Player-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228}
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD}
ALLPlayer V4.X-->"C:\Program Files\ALLPlayer\unins000.exe"
Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ashampoo Burning Studio 9.21-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 9\unins000.exe"
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x0015 -removeonly
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{A64A5576-D862-44F8-89DC-2B17FCC9B86E}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
COMODO Internet Security-->MsiExec.exe /I{CC6B1BB4-4E06-4A5B-A166-B371B551324B}
Cool Edit Pro 2.0-->C:\Program Files\coolpro2\cep2unin.exe
CWK (Czasowy Wyłącznik Komputera)-->"C:\Program Files\Damian Pasternak\CWK\CWK.exe" /uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Dolby Control Center-->MsiExec.exe /I{A23E5590-6799-437B-9723-2627BA800B6F}
EasyCapture-->C:\Program Files\Lenovo\EasyCapture\Uninstall.exe
Energy Management-->C:\Program Files\InstallShield Installation Information\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}\setup.exe -runfromtemp -l0x0015 -removeonly
English Translator XT-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6F89200D-9C19-42F7-A056-640C9D4C158C}
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}
Free M4a to MP3 Converter 6.2-->"C:\Program Files\Free M4a to MP3 Converter\unins000.exe"
Freez FLV to AVI/MPEG/WMV Converter-->"C:\Program Files\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe"
Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 11.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}\setup\hpzscr01.exe -datfile hposcr28.dat -onestop
HP Imaging Device Functions 11.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 11.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{D063F201-FAC4-4D5C-B10B-615058ADE5A7}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
ITECIR Driver-->C:\Program Files\InstallShield Installation Information\{FCED9B62-34FF-4C15-8A23-F65221F7874D}\setup.exe -runfromtemp -l0x0015 -removeonly
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Lenovo Bluetooth with Enhanced Data Rate Software 6.1.0.5100-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Lenovo EasyCamera-->C:\Windows\Uninstsxga.bat
Lenovo OneKey Recovery-->"C:\Program Files\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Lenovo ReadyComm 4.0-->MsiExec.exe /X{76C66170-C538-4E77-B54D-48E136B5B533}
Lenovo Screensaver v1.0 for vista x86(en)-->MsiExec.exe /I{25DDA4EC-DEBF-4297-B4DA-EEEF7FCEBA24}
Lenovo System Repair - Windows Update Monitor-->C:\Program Files\InstallShield Installation Information\{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}\setup.exe -runfromtemp -l0x0015 -removeonly
Malwarebytes' Anti-Malware wersja 1.51.1.1800-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {79EB535E-76E4-4356-8146-A24EE55AB69D}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {E9EA2604-8AC9-47D2-8F4B-6BF60787A357}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Native Client-->MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co85.dll,SM56UnInstaller
Mozilla Firefox 5.0 (x86 pl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{4216D328-0FE8-48B8-85B8-BD300E6F080F}
Nokia PC Suite-->C:\ProgramData\Installations\{F38FD0E4-B991-462B-873D-F2115EADD093}\Nokia_PC_Suite_pol_web.exe
Nokia PC Suite-->MsiExec.exe /I{F38FD0E4-B991-462B-873D-F2115EADD093}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exe
Pakiet sterowników systemu Windows - Nokia Modem (06/09/2010 7.01.0.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_7bc077a4\nokbtmdm.inf
Pakiet sterowników systemu Windows - Nokia Modem (10/07/2010 4.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_20216047\nokia_bluetooth.inf
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}
Picasa 3-->"C:\Users\Zamotasupuany\Downloads\Picasa3\Uninstall.exe"
PITy 2010 dla Windows kompilacja:1.2.6.16-->"C:\Program Files\PITy\PITy2010NG\unins000.exe"
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03-->"C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -runfromtemp -l0x0009 anything -removeonly
Scientific Atlanta WebSTAR 2000 series Cable Modem-->UNDPX2K.EXE
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2509488)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD0DE453-0804-4495-9C91-33D0F9AA5463}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Office 2007 System (KB2541012)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD907315-705A-4475-A1A0-2A1245803E4D}
Security Update for Microsoft Office Excel 2007 (KB2541007)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A0173254-F442-4D04-9154-43FA157B83D0}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
SopCast 3.2.9-->C:\Program Files\SopCast\uninst.exe
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
VeriFace III-->C:\Program Files\Lenovo\VeriFaceIII\Uninstall.exe
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VirtualCloneDrive-->"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B39AA98E-C966-46C9-ACA2-D2586E300988}\Setup.exe" -l0x9

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: ZamotasupuanyPC
Event Code: 4386
Message: Obsługa systemu Windows zażądała ponownego uruchomienia w celu ukończenia zmieniania stanu aktualizacji 2506212-15_neutral_PACKAGE z pakietu KB2506212(Security Update) na Żądana instalacja(Install Requested).
Record Number: 231345
Source Name: Microsoft-Windows-Servicing
Time Written: 20110414145623.000000-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: ZamotasupuanyPC
Event Code: 4376
Message: Obsługa zażądała ponownego uruchomienia w celu ukończenia operacji nadawania pakietowi KB2506212(Security Update) stanu Żądana instalacja(Install Requested).
Record Number: 231344
Source Name: Microsoft-Windows-Servicing
Time Written: 20110414145623.000000-000
Event Type: Ostrzeżenie
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: ZamotasupuanyPC
Event Code: 4386
Message: Obsługa systemu Windows zażądała ponownego uruchomienia w celu ukończenia zmieniania stanu aktualizacji 2506212-5_neutral_GDR z pakietu KB2506212(Security Update) na Żądana instalacja(Install Requested).
Record Number: 231343
Source Name: Microsoft-Windows-Servicing
Time Written: 20110414145623.000000-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: ZamotasupuanyPC
Event Code: 4376
Message: Obsługa zażądała ponownego uruchomienia w celu ukończenia operacji nadawania pakietowi KB2506212(Security Update) stanu Żądana instalacja(Install Requested).
Record Number: 231342
Source Name: Microsoft-Windows-Servicing
Time Written: 20110414145623.000000-000
Event Type: Ostrzeżenie
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: ZamotasupuanyPC
Event Code: 4386
Message: Obsługa systemu Windows zażądała ponownego uruchomienia w celu ukończenia zmieniania stanu aktualizacji 2506212-6_neutral_PACKAGE z pakietu KB2506212(Security Update) na Żądana instalacja(Install Requested).
Record Number: 231341
Source Name: Microsoft-Windows-Servicing
Time Written: 20110414145623.000000-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

=====Application event log=====

Computer Name: ZamotasupuanyPC
Event Code: 6000
Message: Subskrybent powiadomień usługi winlogon <SessionEnv> był niedostępny i nie mógł obsłużyć zdarzenia powiadamiania.
Record Number: 21742
Source Name: Microsoft-Windows-Winlogon
Time Written: 20100720054750.000000-000
Event Type: Informacje
User:

Computer Name: ZamotasupuanyPC
Event Code: 4101
Message: Sprawdzono poprawność licencji systemu Windows.
Record Number: 21741
Source Name: Microsoft-Windows-Winlogon
Time Written: 20100720054750.000000-000
Event Type: Informacje
User:

Computer Name: ZamotasupuanyPC
Event Code: 902
Message: Usługa licencjonowania oprogramowania została uruchomiona.

Record Number: 21740
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20100720054749.000000-000
Event Type: Informacje
User:

Computer Name: ZamotasupuanyPC
Event Code: 1005
Message: Wynik użycia prawa systemu Windows: hr=0x0

Record Number: 21739
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20100720054748.000000-000
Event Type: Informacje
User:

Computer Name: ZamotasupuanyPC
Event Code: 1003
Message: Usługa licencjonowania oprogramowania ukończyła sprawdzanie stanu licencjonowania.
Identyfikator aplikacji=55c92734-d682-4d71-983e-d6ec3f16059f
Stan licencji=
{1,[11db994f-af86-4eb9-af35-fb4e3b0256f5, 8, 0xC004F014,0x0]}

{1,[3a1d44e2-bede-46fb-8a02-0cd485a1db8b, 8, 0xC004F014,0x0]}

{1,[6b16d38b-7dac-4614-9948-b4a92ddba889, 8, 0xC004F014,0x0]}

{1,[9e042223-03bf-49ae-808f-ff37f128d40d, 8, 0xC004F014,0x0]}

{1,[a3481201-436e-4fc9-88b4-34ccf7f81789, 8, 0xC004F014,0x0]}

{1,[a4eec485-e375-48b4-8f51-80d13a4086b6, 8, 0xC004F014,0x0]}

{1,[a7a4a974-ad47-420e-8e1a-83d28572058a, 8, 0xC004F014,0x0]}

{1,[b6795467-dc45-4acf-af87-e948ee3f15f4, 8, 0xC004F014,0x0]}

{1,[bffdc375-bbd5-499d-8ef1-4f37b61c895f, 0, 0x0,0x0],[0x0,0x0,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,0,0,0x0],[0,0,0x0]}

{1,[c3505bd0-004a-49b9-84db-a1a4869eddf1, 8, 0xC004F014,0x0]}

{1,[c5d8ec70-e2ae-42d8-aaa9-eec3772438ee, 8, 0xC004F014,0x0]}

{1,[cdb090c3-053c-4cd1-9cb2-e35b1738747a, 8, 0xC004F014,0x0]}

{1,[da0483a8-c443-45fd-9b52-2bba9b2ee8ab, 8, 0xC004F014,0x0]}

{1,[e05164a4-fb9a-471f-8c3a-6959b4cf1b72, 8, 0xC004F014,0x0]}

{1,[f3acdd3c-119a-4932-a3d7-0b6f33a1dca9, 8, 0xC004F014,0x0]}

{1,[afd5f68f-b70f-4000-a21d-28dbc8be8b07, 8, 0xC004F014,0x0]}

Record Number: 21738
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20100720054748.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: ZamotasupuanyPC
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: ZAMOTASUPUANYPC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 2

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-21-1887336032-4259408775-1316863837-1004
Nazwa konta: Zamotasupuany
Domena konta: ZamotasupuanyPC
Identyfikator logowania: 0x23f2c
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x498
Nazwa procesu: C:\Windows\System32\winlogon.exe

Informacje o sieci:
Nazwa stacji roboczej: ZAMOTASUPUANYPC
Adres źródłowy sieci: 127.0.0.1
Port źródłowy: 0

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: User32
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 447630
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110331145137.026291-000
Event Type: Sukces inspekcji
User:

Computer Name: ZamotasupuanyPC
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: ZAMOTASUPUANYPC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 2

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-21-1887336032-4259408775-1316863837-1004
Nazwa konta: Zamotasupuany
Domena konta: ZamotasupuanyPC
Identyfikator logowania: 0x23ef8
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x498
Nazwa procesu: C:\Windows\System32\winlogon.exe

Informacje o sieci:
Nazwa stacji roboczej: ZAMOTASUPUANYPC
Adres źródłowy sieci: 127.0.0.1
Port źródłowy: 0

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: User32
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 447629
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110331145137.026291-000
Event Type: Sukces inspekcji
User:

Computer Name: ZamotasupuanyPC
Event Code: 4648
Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: ZAMOTASUPUANYPC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Konto, którego poświadczenia zostały użyte:
Nazwa konta: Zamotasupuany
Domena konta: ZamotasupuanyPC
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Serwer docelowy:
Nazwa serwera docelowego: localhost
Informacje dodatkowe: localhost

Informacje o procesie:
Identyfikator procesu: 0x498
Nazwa procesu: C:\Windows\System32\winlogon.exe

Informacje o sieci:
Adres sieciowy: 127.0.0.1
Port: 0

To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS.
Record Number: 447628
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110331145137.026291-000
Event Type: Sukces inspekcji
User:

Computer Name: ZamotasupuanyPC
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 447627
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110331145134.077891-000
Event Type: Sukces inspekcji
User:

Computer Name: ZamotasupuanyPC
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: ZAMOTASUPUANYPC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x33c
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 447626
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110331145134.077891-000
Event Type: Sukces inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

[/log]

[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by Zamotasupuany at 2011-07-24 14:45:12
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 108 GB (41%) free of 260 GB
Total RAM: 3068 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:45:21, on 2011-07-24
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Zamotasupuany\Desktop\OTL.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Zamotasupuany\Desktop\RSIT.exe
C:\Program Files\trend micro\Zamotasupuany.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: System Repair Windows Update Monitor (System_Repair_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe

--
End of file - 8003 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Users\Zamotasupuany\Downloads\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4]
"Description"=Office Live Update v1.4
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732]
"Description"=6.0.12.732
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
BearShareWebSearch.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{E84D42CA-64EB-11DE-A65F-8C3656D89593}

C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default\searchplugins\
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-14 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27 501056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - &Tłumaczenie - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll [2005-11-05 323584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2008-06-11 1454080]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-05-29 1111336]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-15 13560352]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-15 92704]
"HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-07-03 98304]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-06-30 2554696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-11-02 281768]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2008-05-22 5207880]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2008-05-22 8824648]
"NPSStartup"= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Google Update"=C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-13 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2010-03-29 2356088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
C:\Program Files\ALLPlayer\ALLUpdate.exe [2010-03-24 1432064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-13 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Readycomm]
C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe [2007-06-03 425984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2008-09-09 6281760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2008-09-09 1833504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-04-15 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0}]
C:\Windows\test.bat []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files\Lenovo\VeriFaceIII\PManage.exe [2009-09-20 2916352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe [2008-08-26 752168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3codecp"=l3codecp.acm
"msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM
"wave2"=serwvdrv.dll
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"msacm.divxa32"=msaud32_divx.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-24 14:45:14 ----D---- C:\Program Files\trend micro
2011-07-24 14:45:12 ----D---- C:\rsit
2011-07-24 11:26:31 ----D---- C:\Program Files\HijackThis
2011-07-16 21:10:32 ----A---- C:\Windows\system32\win32k.sys
2011-07-16 21:10:31 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-16 21:10:31 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-16 21:10:09 ----A---- C:\Windows\system32\winsrv.dll
2011-07-16 21:10:09 ----A---- C:\Windows\system32\csrsrv.dll
2011-07-16 21:10:08 ----A---- C:\Windows\system32\kernel32.dll
2011-06-29 21:23:00 ----A---- C:\Windows\system32\schannel.dll
2011-06-25 19:25:54 ----D---- C:\Program Files\autostitch

======List of files/folders modified in the last 1 month======

2011-07-24 14:45:18 ----D---- C:\Windows\Temp
2011-07-24 14:45:14 ----RD---- C:\Program Files
2011-07-24 14:43:54 ----SHD---- C:\System Volume Information
2011-07-24 14:41:19 ----D---- C:\Windows\Prefetch
2011-07-24 14:25:35 ----D---- C:\Users\Zamotasupuany\AppData\Roaming\Winamp
2011-07-24 14:22:58 ----D---- C:\Windows\System32
2011-07-24 14:22:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-24 14:22:57 ----D---- C:\Windows\inf
2011-07-24 12:21:20 ----D---- C:\Joanna Leśków
2011-07-24 12:15:31 ----A---- C:\sysiclog.txt
2011-07-24 12:12:16 ----D---- C:\Windows\system32\catroot
2011-07-24 12:09:19 ----SHD---- C:\Windows\Installer
2011-07-24 12:09:19 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-24 12:09:18 ----D---- C:\Program Files\Samsung
2011-07-24 12:08:46 ----D---- C:\Windows\system32\drivers
2011-07-24 12:08:39 ----D---- C:\Windows\system32\catroot2
2011-07-24 12:07:09 ----D---- C:\Windows\winsxs
2011-07-24 12:06:41 ----D---- C:\Users\Zamotasupuany\AppData\Roaming\Samsung
2011-07-24 11:45:39 ----SD---- C:\Users\Zamotasupuany\AppData\Roaming\Microsoft
2011-07-24 11:20:47 ----D---- C:\Users\Zamotasupuany\AppData\Roaming\BitTorrent
2011-07-24 11:20:46 ----D---- C:\Windows\Logs
2011-07-24 10:02:06 ----RSD---- C:\Windows\assembly
2011-07-20 17:24:41 ----A---- C:\sysiclog.txt.bak
2011-07-18 20:09:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-17 15:02:45 ----D---- C:\Windows\system32\WDI
2011-07-17 13:41:10 ----D---- C:\Program Files\Defraggler
2011-07-17 09:40:18 ----D---- C:\Windows\Debug
2011-07-17 09:40:18 ----D---- C:\Windows
2011-07-17 08:27:28 ----A---- C:\Windows\system32\ICAutoUpdate.log.bak
2011-07-16 21:11:29 ----A---- C:\Windows\system32\mrt.exe
2011-07-03 10:57:30 ----A---- C:\AutoMapaSetupLog.txt
2011-06-30 10:37:25 ----A---- C:\Windows\system32\guard32.dll
2011-06-29 22:18:05 ----RSD---- C:\Windows\Fonts
2011-06-29 21:23:59 ----D---- C:\Program Files\Microsoft Office
2011-06-26 21:13:09 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-09-12 327192]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-25 436792]
R0 Wdkbdmou;Lenovo RMCT KbdMou Service; C:\Windows\system32\DRIVERS\Wdkbdmou.sys [2008-06-13 8832]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-06-28 138192]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-06-30 238960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-06-30 36568]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 funfrm;funfrm; C:\Windows\system32\drivers\funfrm.sys [2009-09-20 49472]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-06-30 82400]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-06-28 66616]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-06-25 47104]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-08-29 48192]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-09 2167128]
R3 MODEMCSA;Urządzenie filtru strumieniowego usługi Unimodem; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw5v32;Sterownik karty Intel(R) Wireless WiFi Link dla systemu Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-09-05 45600]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-15 7699392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2008-06-11 1097856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-05-29 199600]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
R3 vhidmini;ITECIR Hid Driver; C:\Windows\system32\DRIVERS\ITEhidCIR.sys [2008-01-24 10880]
R3 wdmirror;wdmirror; C:\Windows\system32\DRIVERS\WDMirror.sys [2008-06-13 8832]
S3 BthEnum;Usługa wyliczania Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Urz¹dzenie dŸwiêkowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-07-31 81960]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-07-31 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-07-31 17320]
S3 Dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-11-02 36608]
S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-05-23 1747200]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBCM;Scientific Atlanta USB Cable Modem Driver; C:\Windows\system32\DRIVERS\Sacm2K.sys [2004-06-10 15429]
S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-24 128104]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2008-01-10 81192]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-06-28 269480]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe [2008-08-26 522792]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2008-02-14 32768]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-15 203296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [2008-09-27 430080]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-28 136176]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-28 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IncSvc;ReadyComm Network Monitor and Configuration; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]

-----------------EOF-----------------

[/log]

wirusolog
komentarz
komentarz (edytowane)

[b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst:

[code]:OTL
O4 - HKLM..\Run: [NPSStartup] File not found
O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
[2010-12-30 16:26:05 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - File not found
MsConfig - StartUpReg: Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0} - hkey= - key= - File not found
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:3B71D0B4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:CC02DF48

:Files
C:\Windows\System32\icrav03.rat
C:\Windows\System32\ticrf.rat
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1887336032-4259408775-1316863837-1004UA.job

:Commands
[emptyflash]
[emptytemp][/code]
Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera. Pokaż po restarcie który wyskoczy.

[b]2.[/b] Poproszę o wykaz z [url=http://www.hotfix.pl/instrukcja-obslugi-tdsskiller-a341.htm][b][color=blue][u]TDSSKiller'a[/url][/b][/color][/u].

  • Dobra wypowiedź 1
Zamotasupuany
komentarz
komentarz

[log]2011/07/25 15:52:44.0413 TDSS rootkit removing tool 2.4.1.3 Aug 27 2010 08:53:42
2011/07/25 15:52:44.0413 ================================================================================
2011/07/25 15:52:44.0413 SystemInfo:
2011/07/25 15:52:44.0413
2011/07/25 15:52:44.0413 OS Version: 6.0.6002 ServicePack: 2.0
2011/07/25 15:52:44.0413 Product type: Workstation
2011/07/25 15:52:44.0413 ComputerName: ZAMOTASUPUANYPC
2011/07/25 15:52:44.0413 UserName: Zamotasupuany
2011/07/25 15:52:44.0413 Windows directory: C:\Windows
2011/07/25 15:52:44.0413 System windows directory: C:\Windows
2011/07/25 15:52:44.0413 Processor architecture: Intel x86
2011/07/25 15:52:44.0413 Number of processors: 2
2011/07/25 15:52:44.0413 Page size: 0x1000
2011/07/25 15:52:44.0413 Boot type: Normal boot
2011/07/25 15:52:44.0413 ================================================================================
2011/07/25 15:53:21.0386 Initialize success
2011/07/25 15:53:32.0743 ================================================================================
2011/07/25 15:53:32.0743 Scan started
2011/07/25 15:53:32.0743 Mode: Manual;
2011/07/25 15:53:32.0743 ================================================================================
2011/07/25 15:53:33.0133 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/07/25 15:53:33.0226 ACPIVPC (87114efedeb94af49323ca61f344716d) C:\Windows\system32\DRIVERS\AcpiVpc.sys
2011/07/25 15:53:33.0320 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/07/25 15:53:33.0382 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/07/25 15:53:33.0429 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/07/25 15:53:33.0476 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/07/25 15:53:33.0601 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/07/25 15:53:33.0679 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/07/25 15:53:33.0726 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/07/25 15:53:33.0772 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/07/25 15:53:33.0819 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/07/25 15:53:33.0866 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/07/25 15:53:33.0897 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/07/25 15:53:33.0975 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/07/25 15:53:34.0053 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/07/25 15:53:34.0100 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/07/25 15:53:34.0178 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/25 15:53:34.0287 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/07/25 15:53:34.0381 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/07/25 15:53:34.0428 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
2011/07/25 15:53:34.0506 b57nd60x (7d0f2bfa273831124fa08526af48af18) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/07/25 15:53:34.0584 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/07/25 15:53:34.0662 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/07/25 15:53:34.0724 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/25 15:53:34.0771 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/07/25 15:53:34.0818 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/07/25 15:53:34.0880 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/07/25 15:53:34.0942 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/07/25 15:53:34.0989 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/07/25 15:53:35.0020 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/07/25 15:53:35.0098 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/07/25 15:53:35.0176 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/25 15:53:35.0239 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/07/25 15:53:35.0364 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
2011/07/25 15:53:35.0426 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
2011/07/25 15:53:35.0504 btwaudio (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys
2011/07/25 15:53:35.0551 btwavdt (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys
2011/07/25 15:53:35.0613 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/07/25 15:53:35.0660 btwrchid (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/07/25 15:53:35.0707 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/25 15:53:35.0785 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/25 15:53:35.0847 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2011/07/25 15:53:35.0910 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/07/25 15:53:36.0003 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/25 15:53:36.0066 cmdGuard (bbe32e04e88b0048ec16f1d6c8936c4b) C:\Windows\system32\DRIVERS\cmdguard.sys
2011/07/25 15:53:36.0112 cmdHlp (497590ea7a94b98ea7a4516ebf0fb8d2) C:\Windows\system32\DRIVERS\cmdhlp.sys
2011/07/25 15:53:36.0159 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/07/25 15:53:36.0190 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/25 15:53:36.0222 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/07/25 15:53:36.0268 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/07/25 15:53:36.0331 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/07/25 15:53:36.0409 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/07/25 15:53:36.0502 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
2011/07/25 15:53:36.0565 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/07/25 15:53:36.0596 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/07/25 15:53:36.0674 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/07/25 15:53:36.0736 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/25 15:53:36.0799 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/07/25 15:53:36.0877 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/07/25 15:53:36.0955 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
2011/07/25 15:53:37.0048 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/07/25 15:53:37.0111 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/07/25 15:53:37.0204 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/07/25 15:53:37.0267 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/07/25 15:53:37.0345 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/25 15:53:37.0407 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/07/25 15:53:37.0438 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/07/25 15:53:37.0470 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/25 15:53:37.0532 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/07/25 15:53:37.0626 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
2011/07/25 15:53:37.0704 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/25 15:53:37.0797 funfrm (000b97efe617d05f197420e4112dc8a8) C:\Windows\system32\drivers\funfrm.sys
2011/07/25 15:53:37.0844 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/07/25 15:53:37.0938 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/07/25 15:53:38.0031 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/25 15:53:38.0109 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/07/25 15:53:38.0156 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/07/25 15:53:38.0218 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/07/25 15:53:38.0296 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/07/25 15:53:38.0406 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/07/25 15:53:38.0468 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/07/25 15:53:38.0530 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/25 15:53:38.0593 iaStor (8ef427c54497c5f8a7a645990e4278c7) C:\Windows\system32\DRIVERS\iaStor.sys
2011/07/25 15:53:38.0640 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/07/25 15:53:38.0749 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/07/25 15:53:38.0920 inspect (1c65e930aba113f2ce59d32c7d8bc03f) C:\Windows\system32\DRIVERS\inspect.sys
2011/07/25 15:53:39.0217 IntcAzAudAddService (2e06052066ce4489cdfbfb8329ea52b1) C:\Windows\system32\drivers\RTKVHDA.sys
2011/07/25 15:53:39.0420 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/07/25 15:53:39.0482 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/25 15:53:39.0544 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/25 15:53:39.0622 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/07/25 15:53:39.0669 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/07/25 15:53:39.0716 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/07/25 15:53:39.0778 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/07/25 15:53:39.0825 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/25 15:53:39.0872 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/07/25 15:53:39.0919 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/07/25 15:53:39.0966 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/25 15:53:40.0044 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/07/25 15:53:40.0122 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/25 15:53:40.0246 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/25 15:53:40.0309 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/07/25 15:53:40.0340 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/07/25 15:53:40.0387 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/07/25 15:53:40.0434 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/07/25 15:53:40.0480 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/07/25 15:53:40.0543 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/07/25 15:53:40.0605 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/07/25 15:53:40.0652 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
2011/07/25 15:53:40.0683 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/25 15:53:40.0714 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/25 15:53:40.0761 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/25 15:53:40.0792 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/07/25 15:53:40.0839 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/07/25 15:53:40.0886 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/25 15:53:40.0948 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/07/25 15:53:41.0026 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/07/25 15:53:41.0073 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/25 15:53:41.0120 mrxsmb10 (d4a3c7c580c4ccb5c06f2ada933ad507) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/25 15:53:41.0167 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/25 15:53:41.0229 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/07/25 15:53:41.0276 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/07/25 15:53:41.0307 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/07/25 15:53:41.0354 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/07/25 15:53:41.0416 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/25 15:53:41.0448 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/25 15:53:41.0494 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/07/25 15:53:41.0541 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/07/25 15:53:41.0588 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/25 15:53:41.0619 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/07/25 15:53:41.0682 MTsensor (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys
2011/07/25 15:53:41.0713 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/07/25 15:53:41.0775 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/25 15:53:41.0838 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/07/25 15:53:41.0900 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/25 15:53:41.0931 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/25 15:53:41.0994 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/25 15:53:42.0040 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/07/25 15:53:42.0087 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/25 15:53:42.0150 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/25 15:53:42.0352 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
2011/07/25 15:53:42.0493 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/07/25 15:53:42.0602 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/07/25 15:53:42.0633 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/25 15:53:42.0711 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/07/25 15:53:42.0820 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/07/25 15:53:42.0852 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/07/25 15:53:42.0898 NVHDA (faa22e6256d9fa2c7f77b67c68cdd749) C:\Windows\system32\drivers\nvhda32v.sys
2011/07/25 15:53:43.0148 nvlddmkm (d21c2edcce6c3d6d3bc39d3d4912aa60) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/25 15:53:43.0366 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/07/25 15:53:43.0413 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/07/25 15:53:43.0491 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/07/25 15:53:43.0678 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/25 15:53:43.0756 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/07/25 15:53:43.0819 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/07/25 15:53:43.0866 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/07/25 15:53:43.0928 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/07/25 15:53:43.0959 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/07/25 15:53:43.0990 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/07/25 15:53:44.0037 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/07/25 15:53:44.0115 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/07/25 15:53:44.0287 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/25 15:53:44.0318 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/07/25 15:53:44.0412 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/25 15:53:44.0505 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/07/25 15:53:44.0568 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/07/25 15:53:44.0614 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/25 15:53:44.0661 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/25 15:53:44.0708 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/25 15:53:44.0755 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/25 15:53:44.0786 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/25 15:53:44.0848 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/25 15:53:44.0895 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/25 15:53:44.0942 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/07/25 15:53:44.0973 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/25 15:53:45.0051 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/07/25 15:53:45.0129 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/07/25 15:53:45.0192 rimmptsk (ded01a389926a89540b82373e4c550ee) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/07/25 15:53:45.0238 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/07/25 15:53:45.0270 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/07/25 15:53:45.0332 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/25 15:53:45.0379 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/07/25 15:53:45.0472 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2011/07/25 15:53:45.0535 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/07/25 15:53:45.0582 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/07/25 15:53:45.0613 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/07/25 15:53:45.0644 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/07/25 15:53:45.0722 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/07/25 15:53:45.0738 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/25 15:53:45.0800 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/07/25 15:53:45.0831 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/07/25 15:53:45.0878 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/07/25 15:53:45.0909 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/07/25 15:53:45.0956 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/07/25 15:53:46.0018 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/07/25 15:53:46.0096 smserial (5e62ba073c90e6c9d4ea199d6080f919) C:\Windows\system32\DRIVERS\smserial.sys
2011/07/25 15:53:46.0237 SNP2UVC (1c3ebfd0c355ce8ada349f09fe85fbca) C:\Windows\system32\DRIVERS\snp2uvc.sys
2011/07/25 15:53:46.0330 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/07/25 15:53:46.0424 sptd (a199171385be17973fd800fa91f8f78a) C:\Windows\system32\Drivers\sptd.sys
2011/07/25 15:53:46.0424 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a
2011/07/25 15:53:46.0424 sptd - detected Locked file (1)
2011/07/25 15:53:46.0471 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/07/25 15:53:46.0549 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/25 15:53:46.0580 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/25 15:53:46.0658 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/07/25 15:53:46.0720 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/25 15:53:46.0767 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/07/25 15:53:46.0798 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/07/25 15:53:46.0845 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/07/25 15:53:46.0908 SynTP (3a2c66f1019fc72dd30b5a8b3570a6a9) C:\Windows\system32\DRIVERS\SynTP.sys
2011/07/25 15:53:47.0048 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/07/25 15:53:47.0126 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/25 15:53:47.0173 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/25 15:53:47.0220 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/07/25 15:53:47.0266 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/07/25 15:53:47.0313 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/25 15:53:47.0360 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/25 15:53:47.0469 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/25 15:53:47.0516 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/07/25 15:53:47.0578 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/25 15:53:47.0625 tvtumon (3385d48304443d0ee42af5dbf89634b6) C:\Windows\system32\DRIVERS\tvtumon.sys
2011/07/25 15:53:47.0672 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/07/25 15:53:47.0734 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/25 15:53:47.0812 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/25 15:53:47.0844 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/07/25 15:53:47.0906 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/07/25 15:53:47.0968 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/07/25 15:53:48.0015 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/25 15:53:48.0124 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/25 15:53:48.0156 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/07/25 15:53:48.0234 USBCM (d21cde1c635bcc5053463579eee453cf) C:\Windows\system32\DRIVERS\Sacm2K.sys
2011/07/25 15:53:48.0280 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/25 15:53:48.0343 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/25 15:53:48.0390 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/07/25 15:53:48.0436 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/25 15:53:48.0483 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/25 15:53:48.0530 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/25 15:53:48.0561 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/25 15:53:48.0608 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/07/25 15:53:48.0655 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\Windows\system32\DRIVERS\VClone.sys
2011/07/25 15:53:48.0717 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/25 15:53:48.0748 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/07/25 15:53:48.0811 vhidmini (8e969805420e8a28822d539327ce8fff) C:\Windows\system32\DRIVERS\ITEhidCIR.sys
2011/07/25 15:53:48.0842 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/07/25 15:53:48.0904 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/07/25 15:53:48.0951 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/07/25 15:53:48.0982 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/07/25 15:53:49.0045 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/07/25 15:53:49.0092 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/07/25 15:53:49.0154 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/07/25 15:53:49.0216 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/07/25 15:53:49.0263 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/25 15:53:49.0279 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/25 15:53:49.0341 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/07/25 15:53:49.0404 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/25 15:53:49.0466 Wdkbdmou (c7d64b97b0667f5a0e489b3f85ba02f2) C:\Windows\system32\DRIVERS\Wdkbdmou.sys
2011/07/25 15:53:49.0497 wdmirror (e4dc54e432e479a15c56de6cbc85a154) C:\Windows\system32\DRIVERS\WDMirror.sys
2011/07/25 15:53:49.0591 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
2011/07/25 15:53:49.0700 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
2011/07/25 15:53:49.0762 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/25 15:53:49.0840 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/07/25 15:53:49.0872 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/25 15:53:49.0965 WSVD (5d0a08ebf9660e07865907fb1ab022b5) C:\Windows\system32\drivers\WSVD.sys
2011/07/25 15:53:50.0043 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/25 15:53:50.0121 ================================================================================
2011/07/25 15:53:50.0121 Scan finished
2011/07/25 15:53:50.0121 ================================================================================
2011/07/25 15:53:50.0137 Detected object count: 1
2011/07/25 15:54:15.0549 Locked file(sptd) - User select action: Skip

[/log]

wielkie dzięki za pomoc

wirusolog
komentarz
komentarz

Gdzie raport z usuwania OTL'em?
TDSSKiller wykrył jedynie [b]sptd[/b] który został zmodyfikowany przez jakiś program emulujący napędy.

Zamotasupuany
komentarz
komentarz (edytowane)

nie mam raportu z usuwania OTL'em (nie ma go w miejscu, gdzie mam program), przeskanowałem jeszcze raz i wrzucam loga:

[log]OTL logfile created on: 2011-07-25 17:18:06 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Zamotasupuany\Desktop\Ochrona
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,00% Memory free
6,19 Gb Paging File | 4,99 Gb Available in Paging File | 80,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 254,15 Gb Total Space | 105,95 Gb Free Space | 41,69% Space Free | Partition Type: NTFS
Drive D: | 29,19 Gb Total Space | 27,19 Gb Free Space | 93,16% Space Free | Partition Type: NTFS

Computer Name: ZAMOTASUPUANYPC | User Name: Zamotasupuany | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\Ochrona\OTL.exe
PRC - [2011-06-30 10:37:27 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011-06-30 10:37:05 | 002,554,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011-06-28 16:56:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-06-26 21:13:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-04-28 18:11:13 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-11-28 14:28:23 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2010-11-13 14:57:24 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe
PRC - [2010-11-04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2010-11-02 16:44:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-09-22 12:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010-09-21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010-09-21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010-08-17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-06-15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-11 08:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 08:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-01-15 19:32:59 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2008-09-27 20:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
PRC - [2008-08-26 21:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2008-08-12 02:14:32 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2008-07-03 11:29:48 | 000,098,304 | R--- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
PRC - [2008-06-11 12:16:11 | 001,454,080 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2008-06-06 00:40:40 | 000,102,400 | R--- | M] () -- C:\Program Files\ATK Hotkey\LOSD.exe
PRC - [2008-05-29 10:29:45 | 000,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008-05-29 10:29:39 | 001,111,336 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008-05-22 02:56:32 | 005,207,880 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2008-05-22 02:52:34 | 008,824,648 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2008-05-10 03:55:24 | 002,555,904 | R--- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2008-02-14 22:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
PRC - [2008-01-23 19:51:28 | 000,151,552 | R--- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008-01-21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-21 04:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe
PRC - [2008-01-21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-21 04:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2007-11-05 04:48:06 | 000,106,496 | R--- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007-10-03 06:53:00 | 000,094,208 | R--- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-07-24 14:40:42 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zamotasupuany\Desktop\Ochrona\OTL.exe
MOD - [2011-06-30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
MOD - [2011-04-12 18:07:38 | 000,892,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-12-20 18:35:04 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2010-10-15 15:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 16:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2008-01-21 04:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-21 04:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-21 04:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-01-21 04:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-21 04:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-21 04:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006-11-02 11:46:04 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fltLib.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011-06-30 10:37:27 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011-06-28 16:56:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011-04-28 18:11:13 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-09-27 20:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor)
SRV - [2008-08-26 21:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008-02-14 22:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) [Auto | Start_Pending] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter)
SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (PS_MDP)
SRV - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (IncSvc)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-10-03 06:53:00 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-06-30 10:37:56 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011-06-30 10:37:55 | 000,036,568 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011-06-30 10:37:54 | 000,238,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011-06-28 16:56:04 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011-06-28 16:56:04 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-09-25 11:36:56 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-02 09:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-09-20 11:29:48 | 000,049,472 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\funfrm.sys -- (funfrm)
DRV - [2009-05-19 06:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009-01-15 19:32:59 | 007,699,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008-09-05 19:50:19 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008-08-29 03:39:08 | 000,048,192 | ---- | M] (Lenovo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-06-25 00:55:12 | 000,047,104 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008-06-13 21:23:12 | 000,008,832 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2008-06-13 21:22:02 | 000,008,832 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Wdkbdmou.sys -- (Wdkbdmou)
DRV - [2008-06-11 12:23:11 | 001,097,856 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2008-05-23 02:08:28 | 001,747,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008-04-28 00:29:25 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Sterownik karty Intel(R)
DRV - [2008-01-24 19:08:34 | 000,010,880 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ITEhidCIR.sys -- (vhidmini)
DRV - [2008-01-10 19:59:08 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)
DRV - [2007-07-30 20:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007-07-30 19:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007-05-24 01:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006-12-14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2004-06-10 10:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sacm2K.sys -- (USBCM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1887336032-4259408775-1316863837-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Users\Zamotasupuany\Downloads\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Zamotasupuany\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zamotasupuany\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zamotasupuany\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-04-19 21:47:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-26 21:13:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-29 20:41:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-04-19 21:47:35 | 000,000,000 | ---D | M]

[2010-12-30 16:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Extensions
[2011-07-02 07:30:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions
[2010-08-20 17:53:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zamotasupuany\AppData\Roaming\mozilla\Firefox\Profiles\p881fopr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-05-03 17:45:03 | 000,004,140 | ---- | M] () -- C:\Users\Zamotasupuany\AppData\Roaming\Mozilla\Firefox\Profiles\p881fopr.default\searchplugins\youtube.xml
[2011-06-16 18:46:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-03 15:59:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-17 06:53:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-10 23:35:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-01-15 11:45:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-02-20 22:24:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-16 18:46:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\ZAMOTASUPUANY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P881FOPR.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011-06-26 21:13:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-09-14 14:41:12 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1 10.1.1.1
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Zamotasupuany\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Zamotasupuany\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-07-03 10:57:30 | 000,110,386 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{58ae1c09-68fb-11e0-a81b-90e6ba15fcd2}\Shell - "" = AutoRun
O33 - MountPoints2\{58ae1c09-68fb-11e0-a81b-90e6ba15fcd2}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{c65a941b-5711-11e0-a57d-90e6ba15fcd2}\Shell - "" = AutoRun
O33 - MountPoints2\{c65a941b-5711-11e0-a57d-90e6ba15fcd2}\Shell\AutoRun\command - "" = F:\setup.exe /autorun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AdobeUpdater[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\Zamotasupuany\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]Readycomm[/b] - hkey= - key= - C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited)
MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: [b]Skytel[/b] - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: [b]VeriFaceManager[/b] - hkey= - key= - C:\Program Files\Lenovo\VeriFaceIII\PManage.exe ()
MsConfig - StartUpReg: [b]VirtualCloneDrive[/b] - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig - State: "bootini" - 2
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-07-25 15:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\tdsskiller
[2011-07-25 15:19:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-07-24 14:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-07-24 14:45:12 | 000,000,000 | ---D | C] -- C:\rsit
[2011-07-24 13:39:33 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Desktop\muzyka od izy stasikowskiej
[2011-07-24 11:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\HijackThis
[2011-07-24 10:08:25 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\My NPS Files
[2011-07-24 10:07:25 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\My Art
[2011-07-23 21:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K11
[2011-07-23 11:26:26 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\Miuosh-Piata_Strona_Swiata-WEB-PL-2011
[2011-07-03 12:28:53 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\imieniny babci
[2011-06-25 19:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\autostitch
[2011-06-20 17:37:31 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\{F9796FA1-8F59-4F22-84FD-D79B08D54776}
[2011-06-19 22:33:17 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\{2C6E3E19-742B-482B-B9C3-9864917ACEFE}
[2011-06-19 21:38:51 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Local\The Witcher 2
[2011-06-16 18:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011-06-16 18:46:24 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011-06-16 18:46:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011-06-16 18:46:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011-06-08 21:37:33 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\wykłady
[2011-06-06 20:00:04 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\MaxFloRec - Podaj Dalej (2009)
[2011-06-06 19:48:45 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\Documents\Fokus-Prewersje-CD-PL-2011-211
[2011-05-31 19:14:55 | 000,000,000 | ---D | C] -- C:\Users\Zamotasupuany\AppData\Roaming\Nokia
[2011-05-31 19:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
[2011-05-31 19:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2011-05-31 19:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011-05-31 19:09:27 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2011-05-31 19:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011-05-31 19:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2010-03-27 10:58:56 | 000,015,429 | ---- | C] ( ) -- C:\Windows\System32\drivers\Sacm2K.sys
[2009-09-20 10:46:14 | 000,229,376 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[1 C:\Users\Zamotasupuany\AppData\Local\*.tmp files -> C:\Users\Zamotasupuany\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-07-25 17:09:49 | 000,043,319 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011-07-25 17:09:46 | 000,043,319 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011-07-25 17:09:35 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo
[2011-07-25 17:09:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-07-25 17:09:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-07-25 17:09:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-07-25 16:07:37 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011-07-24 20:32:47 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-07-24 20:32:47 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-07-24 20:32:47 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-07-24 20:32:47 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-07-24 13:46:14 | 000,169,472 | ---- | M] () -- C:\Users\Zamotasupuany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-23 09:55:08 | 005,709,006 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\Jan Kyks Skrzek - O mój Śląsku pobrano z www.DjOles.pl.mp3
[2011-07-21 17:45:09 | 000,006,763 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\hh plzagr.m3u
[2011-07-17 15:55:39 | 000,045,362 | ---- | M] () -- C:\Users\Zamotasupuany\Documents\cc_20110717_155534.reg
[2011-07-17 08:27:13 | 000,390,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-07-16 21:13:31 | 000,002,082 | ---- | M] () -- C:\Users\Zamotasupuany\Desktop\Google Chrome.lnk
[2011-07-06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011-06-30 10:37:56 | 000,082,400 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2011-06-30 10:37:55 | 000,036,568 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2011-06-30 10:37:54 | 000,238,960 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdGuard.sys
[2011-06-30 10:37:53 | 000,019,088 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys
[2011-06-30 10:37:25 | 000,285,256 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
[2011-06-28 16:56:04 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011-06-28 16:56:04 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011-06-17 06:29:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011-06-01 21:24:23 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[1 C:\Users\Zamotasupuany\AppData\Local\*.tmp files -> C:\Users\Zamotasupuany\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-07-23 09:55:08 | 005,709,006 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\Jan Kyks Skrzek - O mój Śląsku pobrano z www.DjOles.pl.mp3
[2011-07-21 17:45:08 | 000,006,763 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\hh plzagr.m3u
[2011-07-17 15:55:36 | 000,045,362 | ---- | C] () -- C:\Users\Zamotasupuany\Documents\cc_20110717_155534.reg
[2011-06-19 22:30:13 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011-06-01 21:24:23 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011-05-07 17:56:16 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011-05-07 17:56:16 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011-01-06 10:07:03 | 000,000,680 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Local\d3d9caps.dat
[2010-12-27 18:41:15 | 000,000,245 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Roaming\burnaware.ini
[2010-08-21 12:24:15 | 008,676,883 | ---- | C] () -- C:\Windows\System32\NCMedia2.dll
[2010-08-21 12:24:15 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010-08-20 20:55:49 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2010-08-08 14:31:49 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini
[2010-08-08 14:26:53 | 000,000,016 | ---- | C] () -- C:\Windows\system87sG.dat
[2010-04-19 21:44:00 | 000,175,068 | ---- | C] () -- C:\Windows\hpoins28.dat.temp
[2010-04-19 21:44:00 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp
[2010-04-19 18:34:08 | 000,177,422 | ---- | C] () -- C:\Windows\hpoins28.dat
[2010-04-19 18:34:08 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2010-03-27 11:32:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010-03-27 11:32:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010-03-27 10:58:56 | 000,135,168 | ---- | C] () -- C:\Windows\UNDPX2K.exe
[2010-03-27 10:58:56 | 000,053,693 | ---- | C] () -- C:\Windows\UNDPX2K.sys
[2010-03-24 20:27:50 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010-03-24 19:34:22 | 000,169,472 | ---- | C] () -- C:\Users\Zamotasupuany\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-20 12:04:24 | 000,043,319 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009-09-20 11:47:04 | 009,338,880 | ---- | C] () -- C:\Windows\System32\Facev.dll
[2009-09-20 11:47:04 | 000,208,896 | ---- | C] () -- C:\Windows\System32\image.dll
[2009-09-20 11:47:03 | 000,655,360 | ---- | C] () -- C:\Windows\System32\EncIcons.dll
[2009-09-20 11:47:03 | 000,241,752 | ---- | C] () -- C:\Windows\System32\IcnOvrly.dll
[2009-09-20 11:47:03 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FunFrm.dll
[2009-09-20 11:47:02 | 009,502,720 | ---- | C] () -- C:\Windows\System32\FaceVerify.dll
[2009-09-20 11:47:02 | 001,974,272 | ---- | C] () -- C:\Windows\System32\Imagereog.dll
[2009-09-20 11:47:02 | 001,564,672 | ---- | C] () -- C:\Windows\System32\MainOp.dll
[2009-09-20 11:47:02 | 001,163,264 | ---- | C] () -- C:\Windows\System32\PicNotify.dll
[2009-09-20 11:47:02 | 000,507,904 | ---- | C] () -- C:\Windows\System32\SimpleExt.dll
[2009-09-20 11:47:02 | 000,442,368 | ---- | C] () -- C:\Windows\System32\Apblend.dll
[2009-09-20 11:47:02 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SetDev.dll
[2009-09-20 11:47:02 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll
[2009-09-20 11:47:02 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll
[2009-09-20 11:47:02 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll
[2009-09-20 11:41:03 | 000,043,319 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009-09-20 11:29:50 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll
[2009-09-20 11:29:50 | 000,049,472 | ---- | C] () -- C:\Windows\System32\drivers\funfrm.sys
[2009-09-20 11:29:46 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll
[2009-09-20 10:46:13 | 001,747,200 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009-09-20 10:46:13 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009-09-20 10:25:37 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009-09-20 09:53:30 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009-09-20 09:33:44 | 000,662,056 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009-09-20 09:33:44 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009-09-20 09:33:44 | 000,126,908 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009-09-20 09:33:44 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009-07-20 20:17:58 | 000,122,880 | ---- | C] () -- C:\Windows\System32\AitVirtualComInstall.exe
[2009-07-20 20:10:48 | 000,307,200 | ---- | C] () -- C:\Windows\System32\InstallVCOM.exe
[2009-03-03 11:05:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008-08-26 21:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008-06-13 21:22:02 | 000,008,832 | ---- | C] () -- C:\Windows\System32\drivers\Wdkbdmou.sys
[2008-05-04 17:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007-04-16 12:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006-12-04 01:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll
[2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 14:47:37 | 000,390,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001-11-14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-04-06 19:41:49 | 000,000,000 | -HSD | M] -- C:\Users\Zamotasupuany\AppData\Roaming\.#
[2010-03-28 08:55:19 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Ashampoo
[2010-11-06 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\avidemux
[2011-07-24 21:44:22 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\BitTorrent
[2011-05-19 21:46:03 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Broad Intelligence
[2011-03-25 21:11:45 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\DAEMON Tools Lite
[2011-03-16 21:24:54 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\FreshDiagnose
[2010-05-10 19:13:14 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Gadu-Gadu
[2010-11-12 11:07:02 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\IrfanView
[2011-03-25 21:33:19 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Leadertech
[2010-03-24 16:48:38 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Lenovo
[2011-05-31 19:27:00 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Nokia
[2010-05-02 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\OfficeRecovery
[2010-10-16 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\PC Suite
[2011-07-24 12:06:41 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Samsung
[2011-01-23 13:41:00 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\SharePod
[2010-10-20 17:56:04 | 000,000,000 | ---D | M] -- C:\Users\Zamotasupuany\AppData\Roaming\Windows Live Writer
[2011-07-25 16:07:37 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2011-07-03 10:57:30 | 000,110,386 | ---- | M] () -- C:\AutoMapaSetupLog.txt
[2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008-02-03 23:34:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011-07-25 17:09:31 | 003,096,353 | ---- | M] () -- C:\FaceProv.log
[2010-05-03 16:21:05 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2011-07-25 17:09:13 | 3531,718,656 | -HS- | M] () -- C:\pagefile.sys
[2009-09-20 10:44:47 | 000,000,780 | ---- | M] () -- C:\RHDSetup.log
[2011-07-25 17:11:15 | 003,209,614 | ---- | M] () -- C:\sysiclog.txt
[2011-07-20 17:24:41 | 020,117,316 | ---- | M] () -- C:\sysiclog.txt.bak
[2011-07-25 16:00:26 | 000,064,692 | ---- | M] () -- C:\TDSSKiller.2.4.1.3_25.07.2011_15.52.44_log.txt
[2011-07-25 17:09:35 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008-01-21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< End of report >

[/log]

wirusolog
komentarz
komentarz

Wszystko zostało wyeliminowane i log wydaje się być czysty.

[hr]

[b]1.[/b] Uruchom OTL i wciśnij [b]Sprzątanie[/b].

[b]2.[/b] Aktualizacja:
[quote]
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Mozilla Firefox 5.0 (x86 pl)" = Mozilla Firefox 5.0 (x86 pl)[/quote]
[list]
[*]Wersję Readerów 8.1.2 i 8.2.0 zastąp [url="http://get.adobe.com/reader/"][color="#0000FF"][b]Adobe Reader X (10.1)[/b][/color][/url] (nie zaznaczaj montażu sponsorów).
[*]Napisz mi, jaką masz wersję Adobe Flash Player'a i Shockwave bo nie jest tutaj dokładna notka.
[*]Liska zaaktualizuj do wersji [url=http://www.mozilla.com/pl/firefox/][b][color=blue][u]5.01[/url][/b][/color][/u][/list]

[b]3.[/b] Do wyczyszczenia punkty przywracania systemu: [url=http://www.searchengines.pl/Czyszczenie-punktow-przywracania-systemu-t141981.html][b][color="#0000FF"][u]LINK[/url][/b][/color][/u]

[b]4.[/b] Zalecam [b]pełne skanowanie[/b] [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/url][/b][/color][/u] (po instalacji zaaktualizuj ręczne baze wirusów, usuń to co znajdzie i wklej raport końcowy).

[b]5.[/b] Przeskanuj też cały system za pomocą [url=http://www.hotfix.pl/instrukcja-uzytkowania-dr-web-cureit--a193.htm][b][color=blue][u]Dr.Web CureIt![/url][/b][/color][/u]

  • Dobra wypowiedź 1

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.