
volsnap.sys, BSOD, I was sent here

Perfer
posted (edited)

Hi,
I was sent here from the BSOD section, on the argument that a virus is causing the BSOD.

This is happening on an HP Pavilion dv133~ computer
running Vista.

Today, for example, I got a BSOD while plugging in a USB flash drive, and earlier one while the computer was just sitting idle.

Here are the logs from WinDbg:
(while it was idle):
[log]Microsoft ® Windows Debugger Version 6.12.0002.633 X86
Copyright © Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini092811-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18267.x86fre.vistasp2_gdr.100608-0458
Machine Name:
Kernel base = 0x82607000 PsLoadedModuleList = 0x8271ec70
Debug session time: Wed Sep 28 09:44:20.135 2011 (UTC + 2:00)
System Uptime: 0 days 11:08:36.490
Loading Kernel Symbols
...............................................................
................................................................
................................................................
.....................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {41287, 4cc, 0, 0}

Probably caused by : volsnap.sys ( volsnap!VspCreateWriteHeap+fa )

Followup: MachineOwner
---------
[/log]

(while plugging in the USB flash drive):
[log]
Microsoft ® Windows Debugger Version 6.12.0002.633 X86
Copyright © Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini092811-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18267.x86fre.vistasp2_gdr.100608-0458
Machine Name:
Kernel base = 0x82602000 PsLoadedModuleList = 0x82719c70
Debug session time: Wed Sep 28 14:27:31.845 2011 (UTC + 2:00)
System Uptime: 0 days 0:17:45.975
Loading Kernel Symbols
...............................................................
................................................................
................................................................
........................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {41287, 4cc, 0, 0}

Probably caused by : WUDFRd.sys ( WUDFRd!RdMapLockedPagesSpecifyCache+28 )

Followup: MachineOwner
---------

[/log]

Malwarebytes log:
[log]
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Wersja bazy: 7770

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

2011-09-28 14:46:52
mbam-log-2011-09-28 (14-46-52).txt

Typ skanowania: Szybkie skanowanie
Przeskanowano obiektów: 274298
Upłynęło: 8 minut(y), 51 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 0

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
(Nie znaleziono zagrożeń)[/log]

I would be very grateful for help,
regards

Guest
comment

Generate logs with OTL and GMER: http://www.fixitpc.pl/forum-38/announcement-3-wazne-zakladanie-tematu-obowiazkowe-logi/

Perfer
comment (edited)

OTL log:
[log]OTL logfile created on: 2011-09-28 17:22:48 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\KAROL\Desktop\OTL
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,30% Memory free
6,19 Gb Paging File | 5,16 Gb Available in Paging File | 83,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,08 Gb Total Space | 58,46 Gb Free Space | 20,15% Space Free | Partition Type: NTFS
Drive D: | 8,01 Gb Total Space | 1,20 Gb Free Space | 14,95% Space Free | Partition Type: NTFS
Drive E: | 613,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 7,46 Gb Total Space | 4,53 Gb Free Space | 60,74% Space Free | Partition Type: NTFS

Computer Name: KAROL-PC | User Name: KAROL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-09-22 21:22:57 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\KAROL\Desktop\OTL\OTL.exe
PRC - [2011-08-03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-08-03 13:50:00 | 000,812,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011-08-03 13:50:00 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-04-07 17:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2010-11-11 22:07:28 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\blueconnect\DataCardMonitor.exe
PRC - [2010-08-12 15:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010-08-12 15:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010-07-28 03:23:50 | 000,526,992 | ---- | M] (Corel, Inc.) -- C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
PRC - [2010-07-26 23:59:20 | 000,105,632 | ---- | M] (Corel) -- C:\Program Files\Common Files\Corel\Standby\Standby.exe
PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010-03-02 18:10:24 | 000,138,072 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe
PRC - [2010-03-02 18:03:18 | 000,247,152 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe
PRC - [2009-12-02 17:36:16 | 000,172,544 | ---- | M] (Panasonic Corporation) -- C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
PRC - [2009-11-05 19:25:42 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009-09-29 09:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009-09-29 09:52:52 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008-12-31 16:19:56 | 000,102,400 | ---- | M] () -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
PRC - [2008-06-27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe
PRC - [2008-06-27 17:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe
PRC - [2008-06-19 14:17:36 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008-06-19 14:17:36 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008-04-27 23:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008-04-26 01:15:26 | 000,361,808 | ---- | M] () -- C:\Windows\SMINST\BLService.exe
PRC - [2007-12-17 06:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007-12-13 08:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEFE.EXE
PRC - [2007-07-12 13:43:50 | 000,226,904 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
PRC - [2007-01-11 06:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011-03-27 13:11:42 | 000,689,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlServ#\24c6417baba7ca153d53c9977fc5c008\System.Data.SqlServerCe.ni.dll
MOD - [2010-08-24 11:43:06 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\32e6bf88bb0dcdad040abc8ad97cab83\System.EnterpriseServices.ni.dll
MOD - [2010-08-24 11:43:05 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9f38a2b0adadce82d09209811af4043e\System.Transactions.ni.dll
MOD - [2010-08-24 11:43:00 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ca467e23bbfcffac8809b9e21dcbd9a6\System.Configuration.ni.dll
MOD - [2010-08-24 11:37:34 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\88593f5f0fc6de5d5f4a85aa2b1466f3\System.Xml.ni.dll
MOD - [2010-08-24 11:37:09 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d9ab6e29eba6cb0d8459fcbb2c40c1a7\System.Windows.Forms.ni.dll
MOD - [2010-08-24 11:36:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\887fa2d6b76e7302b0c664effad4f91f\System.Drawing.ni.dll
MOD - [2010-08-24 11:36:11 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\cc009a955f4b35c344c2f9aaf453f329\System.Data.ni.dll
MOD - [2010-08-24 11:35:10 | 007,949,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ed6ae2749d12c4729ee43ff339de4bb8\System.ni.dll
MOD - [2010-08-24 11:34:36 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\98bbdd8c400493ad228b8283665cc9da\mscorlib.ni.dll
MOD - [2010-07-28 03:24:30 | 000,117,904 | ---- | M] () -- C:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu.dll
MOD - [2010-03-02 18:10:24 | 000,138,072 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe
MOD - [2009-09-04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009-03-31 20:05:12 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-03-30 06:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009-03-30 06:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008-06-25 22:34:52 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
MOD - [2008-06-19 14:10:46 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006-09-14 01:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011-09-22 00:39:19 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
SRV - [2011-08-03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-04-07 17:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2010-08-12 15:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-08-12 15:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010-03-02 18:03:18 | 000,247,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe -- (UI Assistant Service)
SRV - [2009-11-05 19:25:42 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009-09-29 09:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009-01-08 09:38:46 | 004,136,960 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (WiselinkPro)
SRV - [2008-12-31 16:19:56 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe -- (MSR Service)
SRV - [2008-12-22 12:52:16 | 000,104,944 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008-06-27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe -- (AESTFilters)
SRV - [2008-06-27 17:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe -- (STacSV)
SRV - [2008-04-27 23:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008-04-26 01:15:26 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-12-17 06:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007-01-11 06:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-08-03 13:50:00 | 010,304,104 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011-05-10 11:41:28 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011-04-11 15:02:31 | 000,346,192 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rig3avs.sys -- (rig3avs)
DRV - [2011-04-11 15:02:31 | 000,095,312 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rig3usb.sys -- (rig3usb_svc)
DRV - [2011-04-11 15:02:31 | 000,095,312 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rig3usb.sys -- (rig3usb)
DRV - [2010-07-29 14:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010-07-29 14:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010-07-29 14:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-07-29 14:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010-07-29 14:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010-02-22 04:22:16 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-18 12:21:00 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010-01-18 12:21:00 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010-01-18 12:21:00 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2010-01-18 12:20:58 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009-11-02 10:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-03-20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008-12-21 12:04:46 | 000,012,800 | ---- | M] (The One Technology) [Kernel | System | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys -- (mdf15)
DRV - [2008-11-17 16:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2008-08-07 15:42:12 | 000,025,392 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008-08-07 15:31:52 | 000,034,608 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008-07-08 12:16:26 | 000,096,856 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-06-27 17:44:18 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008-05-02 15:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008-04-27 23:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008-01-24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2007-11-08 22:51:54 | 000,010,880 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DFUUsb.sys -- (DfuUsb)
DRV - [2007-10-24 10:47:26 | 000,023,288 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2007-06-18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007-03-19 15:40:34 | 000,060,288 | ---- | M] (The One Technology) [Kernel | System | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mvd17.sys -- (mvd17)
DRV - [2006-11-02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2001-04-13 20:16:38 | 000,187,992 | ---- | M] (Roland) [Kernel | Auto | Running] -- C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys -- (RVIEG01)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url]
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url]
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://tvn24-stream.onet.pl/nazywo.html"]http://tvn24-stream.....pl/nazywo.html[/url]
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url]
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb"]http://ie.redirect.h...avilion&pf=cnnb[/url]

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ing.pl/u235/navi/35"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009-05-31 15:32:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2009-11-11 15:56:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-09-21 22:41:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-09-21 22:56:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-12-24 17:19:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\firefoxext [2009-11-11 15:56:56 | 000,000,000 | ---D | M]

[2010-08-20 18:57:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KAROL\AppData\Roaming\mozilla\Extensions
[2011-09-21 23:55:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KAROL\AppData\Roaming\mozilla\Firefox\Profiles\z415x1dc.default\extensions
[2011-08-31 17:08:30 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\KAROL\AppData\Roaming\mozilla\Firefox\Profiles\z415x1dc.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}(326)
[2010-09-13 11:38:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\KAROL\AppData\Roaming\mozilla\Firefox\Profiles\z415x1dc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-08-23 16:04:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-08-23 16:04:27 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-02-19 18:41:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\KAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z415X1DC.DEFAULT\EXTENSIONS\{195A3098-0BD5-4E90-AE22-BA1C540AFD1E}
[2011-08-17 17:20:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-02-19 18:41:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]


O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\KAROL\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe File not found
O4 - HKLM..\Run: [Corel Graphics Suite 1117] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /title="Corel Graphics Suite 11" /date=032111 serial=DR11CTD-9999999-KHM File not found
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [Standby] C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [UIExec] C:\Program Files\Netia\Mobilny Internet\UIExec.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000..\Run: [EPSON Stylus SX200 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000..\Run: [Twoje TVN24] File not found
O4 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1005..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html ()
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26341FCD-81FE-4D84-8CA0-32FF1A916BAF}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\KAROL\Pictures\Ustroń\Pies ogrodnika.JPG
O24 - Desktop BackupWallPaper: C:\Users\KAROL\Pictures\Ustroń\Pies ogrodnika.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-03-22 10:11:42 | 000,000,832 | ---- | M] () - C:\Autorun_dll.log -- [ NTFS ]
O33 - MountPoints2\{079d6d45-a137-11de-b381-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{079d6d45-a137-11de-b381-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0a0d7c58-edc5-11df-abe4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0a0d7c58-edc5-11df-abe4-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0a0d7c96-edc5-11df-abe4-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{0a0d7c96-edc5-11df-abe4-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3f4cd2ae-6d39-11de-bbb4-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{3f4cd2ae-6d39-11de-bbb4-00235aa3678a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3f4cd2e4-6d39-11de-bbb4-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{3f4cd2e4-6d39-11de-bbb4-00235aa3678a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{497e8cee-a1dd-11de-8e95-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{497e8cee-a1dd-11de-8e95-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4fa324c8-45f1-11de-8642-002186c9e731}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winupd32.exe
O33 - MountPoints2\{4fa324c8-45f1-11de-8642-002186c9e731}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winupd32.exe
O33 - MountPoints2\{55b25d95-bb33-11de-b450-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{55b25d95-bb33-11de-b450-002186c9e731}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{78666a58-1f59-11df-8393-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{78666a58-1f59-11df-8393-002186c9e731}\Shell\AutoRun\command - "" = F:\hom&m3gepl.exe
O33 - MountPoints2\{8a534210-a102-11de-aee5-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{8a534210-a102-11de-aee5-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8a53422f-a102-11de-aee5-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{8a53422f-a102-11de-aee5-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8a534244-a102-11de-aee5-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{8a534244-a102-11de-aee5-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8a534279-a102-11de-aee5-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{8a534279-a102-11de-aee5-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8f43ff0e-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff0e-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f43ff39-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff39-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f43ff3e-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff3e-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f43ff41-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff41-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f43ff46-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff46-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{92836121-d296-11de-bba3-002186c9e731}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs
O33 - MountPoints2\{949d1381-b821-11e0-9426-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{949d1381-b821-11e0-9426-002186c9e731}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{949d13bd-b821-11e0-9426-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{949d13bd-b821-11e0-9426-001e101f8924}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fe90c862-ed6c-11df-b23e-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{fe90c862-ed6c-11df-b23e-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ff9b51f7-edc1-11df-b455-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ff9b51f7-edc1-11df-b455-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ff9b5234-edc1-11df-b455-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{ff9b5234-edc1-11df-b455-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ff9b523e-edc1-11df-b455-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{ff9b523e-edc1-11df-b455-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-09-28 17:20:09 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\OTL
[2011-09-28 14:33:38 | 000,000,000 | ---D | C] -- C:\symbols
[2011-09-24 21:06:30 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VASSAL
[2011-09-24 21:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\VASSAL
[2011-09-23 13:57:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DCC412E7-393B-4016-91FB-9307F059AFB6}
[2011-09-22 22:09:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2011-09-22 21:57:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
[2011-09-22 16:12:36 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Roaming\Malwarebytes
[2011-09-22 16:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-09-22 16:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-09-22 16:12:24 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011-09-22 16:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-09-22 14:14:52 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2011-09-22 14:14:52 | 002,558,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2011-09-22 14:14:52 | 000,309,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll
[2011-09-22 14:14:52 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2011-09-22 14:14:51 | 003,730,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2011-09-22 14:14:51 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2011-09-22 14:14:49 | 000,600,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyupdatusapiu.dll
[2011-09-22 14:11:56 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011-09-22 14:11:56 | 006,613,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2011-09-22 14:11:56 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011-09-22 14:11:55 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011-09-22 14:11:55 | 010,304,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011-09-22 14:11:55 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011-09-22 14:11:55 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011-09-22 14:11:55 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011-09-22 14:11:55 | 000,914,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2011-09-22 14:11:55 | 000,875,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll
[2011-09-22 13:51:13 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
[2011-09-22 13:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2011-09-22 13:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)
[2011-09-22 13:50:47 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2011-09-22 13:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier
[2011-09-22 13:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2011-09-22 13:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
[2011-09-22 13:42:38 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\windbg
[2011-09-22 13:27:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A07F7F49-03B9-4B8B-A266-07563B0278A6}
[2011-09-22 01:03:46 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\memtest
[2011-09-21 23:33:49 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{72f8c2ce-4d47-4424-a8c9-0fa117485c4b}
[2011-09-21 17:42:38 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\welt
[2011-09-21 17:13:25 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{06df778f-f510-48fd-ac57-0ce755d06ae7}
[2011-09-21 17:01:38 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{664d8a28-393c-4ae0-8096-bfa55d4f3dca}
[2011-09-21 16:44:28 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{be498c9c-a804-4c58-8f3e-fb7bffd0eada}
[2011-09-21 16:09:16 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{6b8dd61f-ed0e-4414-b95a-16d4a4a7011d}
[2011-09-21 16:02:07 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{d25a5af4-715e-4d0d-a31a-5bee1578b5b5}
[2009-02-19 21:44:03 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe
[2009-02-19 21:44:02 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe
[2009-02-19 21:44:02 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe
[2009-02-19 21:44:01 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe
[2009-02-19 21:44:01 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-09-28 17:27:56 | 007,602,176 | ---- | M] () -- C:\Users\KAROL\ntuser.dat
[2011-09-28 17:18:22 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-09-28 17:13:52 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-09-28 17:13:51 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-09-28 17:13:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011-09-28 17:13:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-09-28 17:13:32 | 326,315,057 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-09-28 16:33:20 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011-09-28 16:31:21 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-09-27 22:24:54 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011-09-27 22:24:51 | 000,524,288 | -HS- | M] () -- C:\Users\KAROL\ntuser.dat{3e5750cb-2dc6-11df-afea-002186c9e731}.TMContainer00000000000000000001.regtrans-ms
[2011-09-27 22:24:51 | 000,065,536 | -HS- | M] () -- C:\Users\KAROL\ntuser.dat{3e5750cb-2dc6-11df-afea-002186c9e731}.TM.blf
[2011-09-27 22:24:45 | 003,311,449 | -H-- | M] () -- C:\Users\KAROL\AppData\Local\IconCache.db
[2011-09-27 20:00:53 | 000,857,234 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011-09-27 20:00:53 | 000,607,668 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-09-27 20:00:53 | 000,137,286 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-09-27 20:00:53 | 000,108,940 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-09-27 20:00:53 | 000,013,218 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-09-24 21:06:30 | 000,000,736 | ---- | M] () -- C:\Users\KAROL\Desktop\VASSAL.lnk
[2011-09-23 17:30:13 | 000,000,795 | ---- | M] () -- C:\Users\Public\Desktop\Pasek TVN24.lnk
[2011-09-22 22:13:39 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk
[2011-09-22 21:59:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_rig3usb_01009.Wdf
[2011-09-22 16:12:27 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-09-21 22:55:03 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKAROL.job
[2011-09-21 22:31:21 | 000,524,288 | -HS- | M] () -- C:\Users\KAROL\ntuser.dat{7c53fdd3-e464-11e0-8d53-001a4dfe3d10}.TMContainer00000000000000000001.regtrans-ms
[2011-09-21 22:31:21 | 000,065,536 | -HS- | M] () -- C:\Users\KAROL\ntuser.dat{7c53fdd3-e464-11e0-8d53-001a4dfe3d10}.TM.blf
[2011-09-21 21:54:21 | 000,524,288 | -HS- | M] () -- C:\Users\KAROL\ntuser.dat{7c53fdd3-e464-11e0-8d53-001a4dfe3d10}.TMContainer00000000000000000002.regtrans-ms
[2011-09-21 16:54:19 | 000,008,484 | ---- | M] () -- C:\Users\KAROL\AppData\Local\d3d9caps.dat
[2011-08-31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-09-23 17:30:13 | 000,000,795 | ---- | C] () -- C:\Users\Public\Desktop\Pasek TVN24.lnk
[2011-09-22 22:13:39 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk
[2011-09-22 21:59:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_rig3usb_01009.Wdf
[2011-09-22 16:22:33 | 003,311,449 | -H-- | C] () -- C:\Users\KAROL\AppData\Local\IconCache.db
[2011-09-22 16:12:27 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-09-22 14:11:55 | 000,004,358 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2011-09-21 17:36:48 | 000,524,288 | -HS- | C] () -- C:\Users\KAROL\ntuser.dat{7c53fdd3-e464-11e0-8d53-001a4dfe3d10}.TMContainer00000000000000000002.regtrans-ms
[2011-09-21 17:36:47 | 000,524,288 | -HS- | C] () -- C:\Users\KAROL\ntuser.dat{7c53fdd3-e464-11e0-8d53-001a4dfe3d10}.TMContainer00000000000000000001.regtrans-ms
[2011-09-21 17:36:47 | 000,065,536 | -HS- | C] () -- C:\Users\KAROL\ntuser.dat{7c53fdd3-e464-11e0-8d53-001a4dfe3d10}.TM.blf
[2011-03-18 01:16:34 | 000,000,008 | RHS- | C] () -- C:\ProgramData\6AF4210023.sys
[2011-03-17 22:22:21 | 000,003,766 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-11-26 01:39:47 | 000,000,391 | ---- | C] () -- C:\Windows\crownofglory.ini
[2010-11-01 17:43:42 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2010-08-20 18:57:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-07-09 21:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010-03-18 00:46:22 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010-03-18 00:46:22 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\System32\vfprintpthelper.dll
[2009-11-22 21:52:05 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI
[2009-10-17 17:38:37 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-10-16 12:21:48 | 000,108,312 | ---- | C] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2009-09-17 21:29:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009-09-17 21:29:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-09-17 21:28:45 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2009-09-13 13:13:40 | 000,000,155 | ---- | C] () -- C:\Windows\mistrz.ini
[2009-09-02 17:30:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\t5clientGateWriter.dll
[2009-09-02 17:30:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\t5clientGateCalc.dll
[2009-08-10 12:07:33 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xerces-depdom_2_7.dll
[2009-08-10 12:06:58 | 001,409,024 | ---- | C] () -- C:\Windows\System32\t5core-1.0.dll
[2009-08-10 09:26:01 | 010,166,272 | ---- | C] () -- C:\Windows\System32\icudt36.DLL
[2009-07-24 20:35:00 | 000,000,026 | ---- | C] () -- C:\Windows\CDE SX200EXPORT.ini
[2009-07-20 21:17:58 | 000,122,880 | ---- | C] () -- C:\Windows\System32\AitVirtualComInstall.exe
[2009-07-20 21:10:48 | 000,307,200 | ---- | C] () -- C:\Windows\System32\InstallVCOM.exe
[2009-04-24 00:52:21 | 000,723,981 | ---- | C] () -- C:\Users\KAROL\AppData\Local\unins000.exe
[2009-04-24 00:52:21 | 000,005,236 | ---- | C] () -- C:\Users\KAROL\AppData\Local\unins000.dat
[2009-04-19 16:36:45 | 000,000,066 | ---- | C] () -- C:\Windows\BBW_INFO.INI
[2009-04-15 11:02:05 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009-04-09 19:03:51 | 000,138,584 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009-04-09 19:03:39 | 000,189,672 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009-04-09 19:03:30 | 000,070,968 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009-03-25 22:17:22 | 000,000,026 | ---- | C] () -- C:\Windows\CDER220EDFNSCPHGT.ini
[2009-03-25 21:43:18 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009-03-25 21:43:18 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009-03-25 21:43:18 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009-03-25 21:43:18 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009-03-25 21:43:18 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009-03-25 21:43:18 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009-03-25 21:43:18 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009-03-25 21:43:18 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009-03-25 21:43:18 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009-03-25 21:43:18 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009-03-25 21:43:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009-03-25 21:43:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009-03-25 21:43:18 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009-03-25 21:43:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009-03-25 21:43:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009-03-25 21:43:18 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009-03-25 21:43:18 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009-03-25 21:43:18 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009-03-25 21:43:18 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009-03-23 13:31:47 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2009-03-10 23:52:22 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2009-03-10 23:19:27 | 000,008,484 | ---- | C] () -- C:\Users\KAROL\AppData\Local\d3d9caps.dat
[2009-03-07 11:50:03 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009-02-23 19:08:27 | 000,000,470 | ---- | C] () -- C:\Users\KAROL\AppData\Roaming\wklnhst.dat
[2009-02-21 20:40:15 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009-02-21 20:40:13 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009-02-21 20:40:13 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-02-21 20:40:13 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-02-21 20:40:11 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-02-21 20:40:11 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009-02-20 00:02:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009-02-19 22:34:29 | 000,052,736 | ---- | C] () -- C:\Users\KAROL\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-02-19 21:00:09 | 000,008,224 | ---- | C] () -- C:\Users\KAROL\AppData\Local\GDIPFONTCACHEV1.DAT
[2008-11-03 19:45:03 | 000,000,249 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2008-11-03 19:05:21 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008-11-03 18:55:25 | 000,002,140 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008-08-25 16:31:45 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2008-08-25 16:31:45 | 000,137,286 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2008-08-25 16:31:45 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2008-08-25 16:31:45 | 000,013,218 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2008-05-04 18:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll
[2008-01-21 04:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2008-01-21 04:24:21 | 000,007,532 | ---- | C] () -- C:\Windows\System32\NT47AEX.DLL
[2008-01-16 07:41:26 | 000,019,968 | ---- | C] () -- C:\Windows\System32\ttmsoutlook1.dll
[2008-01-16 07:41:24 | 000,022,528 | ---- | C] () -- C:\Windows\System32\ttmsoffice1.dll
[2007-11-14 17:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007-10-25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2006-12-18 15:10:38 | 000,474,112 | ---- | C] () -- C:\Windows\System32\log4cplus_dll.dll
[2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 14:47:37 | 000,381,360 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 12:33:01 | 000,857,234 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[2006-11-02 12:33:01 | 000,607,668 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 12:33:01 | 000,108,940 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 12:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2006-11-02 12:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 12:16:45 | 000,000,240 | ---- | C] () -- C:\Windows\win.ini
[2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006-11-02 09:10:37 | 000,053,536 | ---- | C] () -- C:\Windows\System32\dosx.exe
[2006-11-02 09:10:02 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe
[2006-11-02 09:10:00 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe
[2006-11-02 09:09:59 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com
[2006-11-02 09:09:59 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM
[2006-11-02 09:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe
[2006-11-02 09:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe
[2006-11-02 09:09:57 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM
[2006-11-02 09:09:56 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe
[2006-11-02 09:09:55 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe
[2006-11-02 09:09:55 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM
[2006-11-02 09:09:53 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe
[2006-11-02 09:09:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe
[2006-11-02 09:09:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe
[2006-11-02 09:09:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe
[2006-11-02 09:09:49 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM
[2006-11-02 09:09:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe
[2006-11-02 09:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys
[2006-11-02 09:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS
[2006-11-02 09:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS
[2006-11-02 09:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS
[2006-11-02 09:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS
[2006-11-02 09:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS
[2006-11-02 09:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS
[2006-11-02 09:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS
[2006-11-02 09:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS
[2006-11-02 09:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS
[2006-11-02 09:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS
[2006-11-02 09:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS
[2006-11-02 09:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS
[2006-11-02 09:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS
[2006-11-02 09:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS
[2006-11-02 08:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001-11-14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009-03-29 01:04:11 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Avanquest
[2009-12-30 11:22:00 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\BitTorrent
[2009-02-22 01:46:12 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\DigitalPersona
[2009-09-10 23:54:32 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\EPSON
[2011-02-25 17:24:59 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\ESET
[2009-05-01 13:11:24 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Nowe Gadu-Gadu
[2009-12-23 02:16:11 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Avanquest
[2011-02-03 12:55:42 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Bentley
[2009-10-09 00:17:39 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\BitTorrent
[2010-11-11 20:46:23 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\blueconnect
[2009-10-17 17:49:42 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\DAEMON Tools Lite
[2009-02-19 20:59:43 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\DigitalPersona
[2010-04-23 23:12:50 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\DNA
[2011-09-22 16:20:01 | 000,000,000 | -H-D | M] -- C:\Users\KAROL\AppData\Roaming\drivers
[2009-04-24 00:50:53 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2009-08-07 11:11:22 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\EPSON
[2010-12-24 18:04:22 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\ESET
[2010-09-06 23:30:39 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Gadu-Gadu 10
[2011-07-22 23:03:31 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\GARMIN
[2010-09-07 22:55:40 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\gtk-2.0
[2010-11-18 00:28:12 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\ipla
[2009-09-19 23:41:31 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\LimeWire
[2010-01-05 20:54:01 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Moje pliki Bitwy o Śródziemie™ II
[2010-11-13 22:27:53 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\My Games
[2009-07-08 12:50:06 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Nokia
[2009-04-12 17:53:37 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Nowe Gadu-Gadu
[2010-11-27 17:47:36 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\OpenFM
[2009-07-08 11:51:44 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\PC Suite
[2010-03-02 02:02:34 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\POLENG
[2010-03-18 00:45:38 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Samsung
[2009-03-12 21:37:54 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Steinberg
[2010-03-02 02:03:18 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\T6
[2009-02-23 19:08:29 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Template
[2010-03-02 01:38:08 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\The Creative Assembly
[2009-03-08 18:57:30 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Tibia
[2011-03-18 01:17:16 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Ulead Systems
[2009-03-15 22:55:51 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\VST3 Presets
[2009-03-14 20:29:46 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Waves
[2009-03-14 21:33:11 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Waves Preferences
[2010-05-15 12:50:35 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Avanquest
[2010-05-15 14:01:58 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Bentley
[2010-05-15 13:35:15 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\DAEMON Tools Lite
[2010-05-15 10:55:24 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\DigitalPersona
[2010-12-31 20:58:25 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\ESET
[2011-09-27 22:24:54 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]
OTL Extras log:
[log]OTL Extras logfile created on: 2011-09-28 17:22:48 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\KAROL\Desktop\OTL
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,30% Memory free
6,19 Gb Paging File | 5,16 Gb Available in Paging File | 83,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,08 Gb Total Space | 58,46 Gb Free Space | 20,15% Space Free | Partition Type: NTFS
Drive D: | 8,01 Gb Total Space | 1,20 Gb Free Space | 14,95% Space Free | Partition Type: NTFS
Drive E: | 613,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 7,46 Gb Total Space | 4,53 Gb Free Space | 60,74% Space Free | Partition Type: NTFS

Computer Name: KAROL-PC | User Name: KAROL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.scr [@ = MicroStation Resource] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [command] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Przeglądaj za pomocą programu h Corel PaintShop Photo Pro X3] -- "C:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3384155157-3980012862-2537522586-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F2A23BB-10C6-4CDB-BC2C-DD5B4380FBA6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{10558D5B-8FE8-41FE-B80F-2787CECC2326}" = lport=139 | protocol=6 | dir=in | app=system |
"{3201567D-72D4-4521-8349-A5718D28056E}" = rport=139 | protocol=6 | dir=out | app=system |
"{43502B8F-C33E-434E-B771-30BCC5456BAA}" = lport=137 | protocol=17 | dir=in | app=system |
"{4C24480E-37E3-48B6-BB83-2F267FA63BB9}" = lport=445 | protocol=6 | dir=in | app=system |
"{5068FE7F-F65D-44A7-8E58-2846265CDDCD}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{58F3A70D-3FBA-4E7A-97AA-7EE079690C1E}" = lport=138 | protocol=17 | dir=in | app=system |
"{9230A8EA-662A-440C-A406-A0F832305254}" = rport=445 | protocol=6 | dir=out | app=system |
"{9E8E5D25-05C5-4836-8723-071935F8A372}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BDE12523-D368-4245-ACC6-046DFBD7D08F}" = rport=138 | protocol=17 | dir=out | app=system |
"{CADD605D-3586-4F6A-8F13-6E8A0FF11A63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E88A9D0A-05A1-466D-97DE-2303D9D98B1C}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface |
"{E9397464-37DD-4C27-8558-68F469117785}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EA9CBFA9-D996-4941-A897-A672853DA17C}" = rport=137 | protocol=17 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0004BB2E-8113-4099-8871-25726C4CE66E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00F1B183-C1E7-46CD-B89E-CAA7E26922E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{024D64C2-268B-4432-924C-67932171A991}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{080A68CF-4FF3-4FE7-9903-F3E75D33D9E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09792CC4-17A8-4F0F-B662-9CC78F63B200}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1555006F-471F-492F-8382-6BEE899692ED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1650225B-B2C2-4BC8-B258-5EC4466023DD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1669F832-6E21-4C66-A43E-28578743418B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{16DC2527-6C5F-484C-A025-7A9447874ED4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19053D5E-1A48-4135-8810-4241BF5896AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B490312-DCD5-4D2D-B6BF-64A9840E753B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1BD0D3A6-F0D8-409A-A60F-B2B9278ED68F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F339D6D-BE60-4E43-939E-F2050EFB80F1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\napoleon total war\napoleon.exe |
"{21FB1D28-8B1B-4106-A230-EBADFBBF84E8}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{23CB4C6D-D6C2-4D8B-B788-50C5184E350F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{244E4EF6-D6EA-4ACE-A53F-481AC907D053}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A88864D-3595-4636-9FA1-18211CDCD1E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DC8A5C8-B204-4F51-BBC3-636168FBEBC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2F00E279-30C7-447C-8AFA-B3873BA1CE5D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33BD4E75-924B-456F-9E77-07569292E26C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{39B15C46-F34B-4325-902A-0F6BA54C6E2E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3AEF5142-08F7-4D04-A6F1-44AC9AD4A065}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C777A22-C097-43AC-9E4E-9386A2A2365E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3DE6D2EC-E994-4465-B30A-13E3A767C3D5}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{3ECC1D67-3EC2-41B7-91D4-B6EFE88AD4F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{40CF049C-F05F-45D1-AF65-8246E01B70FD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{416D2052-B6E0-4D4C-9474-1F68F36FCB01}" = protocol=6 | dir=in | app=c:\program files\electronic arts\bitwa o śródziemie ii\game.dat |
"{43281175-D67F-464E-AFEC-4C84FFBA7FA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{444BA288-46AF-443C-BA26-D2BAAC7032AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{459849E3-3571-4E9F-B5BD-8A484B4EAC73}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47217946-8E7E-420E-976D-3B5AD639ECE5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47349F4E-0817-4566-95C3-12B6F506B097}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47F31D22-DF0F-400C-BEF0-8314FC6A3CB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{48C0183F-A436-44C8-BEE2-F7255B1D4BDB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A4939D8-F461-4967-B05B-F38C6B5DD491}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BC9F6FC-FA9B-4DB3-B891-1AD0AD6C51A5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BE1A408-4106-414D-8835-03271C8142E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4EC5B852-639A-42CB-8770-33E36E94A98F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55D089F6-42A9-47B3-9FAA-F375799B88CE}" = protocol=17 | dir=in | app=c:\program files\electronic arts\bitwa o śródziemie ii\game.dat |
"{5713EDA6-B44E-4D11-B22D-0B803311CFC8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{573417CD-AA1A-4989-A008-C9FE5467999D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B3C87B4-711C-421B-9D09-77EE323E3516}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{5C43A0E2-59F8-4247-966C-5B2C1D8650A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D59DE61-C3E9-4929-9C45-B42DEBA268DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5ED3FDB4-A439-4547-B27F-4C3B073C3C23}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5FBC68EC-36B3-4854-BAF4-37125568C567}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{634E1757-4AEC-41D2-B035-B5CAFB2DA69C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6522CA01-5F2D-4E0C-97A4-FC2462755AEF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{667B01E7-4746-4E08-9147-47D9DD3BC7A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68132967-1FF9-4B4E-A7E4-AC02DAAD0E59}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{69B3F3A4-5088-4D95-9632-DC35C07D4358}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{6E072742-4D4B-4003-81D6-6557809065EB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7043EEA2-3D74-47C7-811F-7E1D2642B599}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{70BBEA19-F878-4A32-A35E-9E5C28D3CB52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{72DAC267-0F55-4D64-AD54-5770491121D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{731B2D94-A41A-4B81-B0AA-626D9649C4AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7456ED09-1D66-4700-9852-B93FF497AEA4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74E9261B-BF3C-4966-83D4-A4C3146B1B88}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{756E018F-D0CE-46C6-B665-13CC501120CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77A0AD32-304E-469D-89F1-E01B6C60A979}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{78C814F0-41DD-44CE-9380-3A44C9B144D2}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{7B8E2363-9425-4162-AF70-D7F0AF879E44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7E574172-27BF-40C3-A23E-497FB303D555}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7EAB9380-3519-4273-91DA-6DAC427DE263}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{820EDC73-13AB-4054-AAFC-59DD88AEA071}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8446D91E-A088-43BA-AA7B-1DB68D2E3A27}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\napoleon total war\napoleon.exe |
"{859A0889-36B9-4BA0-A3C3-CDF82535B161}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{8989A37E-88A0-4074-B966-F8610F6A4A75}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8AB9CDDF-995C-4779-9FE4-D1B7A37342C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90310C12-F0F5-45D8-9CA4-F560B532D8ED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{927A709E-A7B9-4048-B965-85AB73A242B1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{92A99139-EFBF-4264-84BB-A5B25E68BFAE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{953F8075-508F-4EFC-ACEA-5DB8C7F43CAC}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{9655E8C6-4DB6-4F03-9EB5-AEF76E7ED015}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{97F5EEEB-5BDB-4D32-B6AF-0040EF0EE880}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{992456E6-91E0-4D06-A26B-8024D7BB778C}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{9A988901-5D98-4865-B869-209B84767EF6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9E05AFE7-BE8F-4C95-B06A-7B161F3A355C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A05AE27B-0FAD-4432-B56B-0CF140FF4434}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A131EBC8-F07C-4F33-861C-C9E6FC740A07}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A56F20A9-B2A3-4715-B985-B237FA811B45}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A9B97A7F-E18A-4101-8DB7-D5FBCEDE4DF1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE7E8B39-3510-4DE7-8082-F1089B69EDFF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B092DF4E-41EF-48EA-BF10-D5A57E7E1FE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6D16B62-F52A-4216-9CD1-0A848970AA8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7248D36-8FDB-4434-96B1-A861088C0F70}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B92DA10C-ECB3-4023-99D7-17391FA1973F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C1B3C154-9592-46AB-9E87-6B71438AF817}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C27C12B4-3584-4B34-A095-9AA485E63F1D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C49367C2-3F0B-4450-AE05-0B097AA780C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C56CF1AE-EF43-48CE-8062-5647B588F873}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5B40DED-E548-4E6E-90BF-68E34B0B1F2B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6AB59D0-FDDD-4688-8A48-6626D58F949B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C8B00D1B-B302-4D69-9E87-A8D30305B468}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C8E028E0-AF44-4C52-AE70-73053DFD3822}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2A223E2-14C9-4ACA-B018-B2B8A71FBA3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2D9B6AD-EE65-479E-9D2B-CABB237F8AA0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D3D64D29-E99B-4C36-AAA1-59A44121F4B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D42EC6E3-C0DC-47A1-B37F-1191F79934B9}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{D4F151F9-1081-4994-B1C7-3EEE6AFFAF2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D594564B-D53F-40A8-AC84-000BA5EEA3FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8C6C58C-920C-4D90-BC44-62F84D37802B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D94A7647-BD8C-4E76-96FE-2FB01AAE81BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DC9155E9-90F8-4606-B0A9-A30E69B018EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E1ABCE58-56D4-407B-AD57-7CFB94A99DFB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4BD6B49-6E6B-4AD9-9ED2-9340A3E391DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5603646-11BD-47FE-A88B-5F4EE188F2C4}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{E63AF067-194D-45C1-A4DF-CB0D1B87813E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E69C7FDF-AE87-411B-AA22-C628921C4C4A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E7C61BAB-F970-4D13-9107-C5DA3E6A374F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E81433A9-712F-4B8B-8389-A28568041E70}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9469CBB-F4EF-4977-8666-8C5BA89245EF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EA5E385A-05D9-49E0-9EA6-F319C642D6C4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EADC4791-48F7-4BA5-BE96-65768DA01E8E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED8A6D02-60AE-4B31-AF71-4DF6C4FFA6A5}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{F328FA08-D53B-4D99-9C37-2E780913C4D0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F64D3AA9-9D79-4F19-8167-D96FC035B3E1}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{F6A1F6B4-E396-4B6F-BC87-A2F63CECC6BF}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{F95CC508-264B-4710-9DB1-E73B81E4A6C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB3B10B4-568C-47EA-9B32-0DDFC3108E33}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC0FA5EC-7B0A-4B6B-B7B0-D3C9FD93783D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FDC59FCF-9F87-4F3C-9222-DABF7101B88B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF22A23B-6D30-4AC1-B7FE-6A4B1960B9AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"_{9C9078D1-FA30-4E1B-A194-983A4898F848}" = Corel KPT Collection
"_{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW® Graphics Suite X5
"_{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = Corel PaintShop Photo Pro X3
"_{DFAEB5DB-04FA-489D-94EF-8600898B93EE}" = Corel PaintShop Photo Project Creator
"{00473C7D-1789-4873-9A75-96647FB01D27}" = Translatica 7
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Asystent rejestrowania za pomocą identyfikatora Windows Live
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A5D65E1-B438-4148-97E3-1BC3627BEC71}" = DigitalPersona Personal 4.11
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{223818EB-2BB5-4AAD-9F38-BA9668A4E3F3}" = Windows Live Messenger
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications ® Core
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 22
"{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Bitwa o Śródziemie™ II
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{33691AFF-9ABF-4278-BDB6-902EE07D9237}" = Native Instruments Guitar Rig 3
"{340F521E-3576-4E1A-B75C-EB0ACF751379}" = HP Wireless Assistant
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{39556553-8C77-4C5E-8F30-4083274948A2}" = Application Verifier
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
"{472ABCE2-5B2E-4D29-ABF4-94E1097558A6}" = Diplomacy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F30BC2B-5441-3149-91D7-FAA2332E2F5F}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{578920D9-66B7-4DBF-88EE-8E27D54C684F}" = Jupiter 2009 Standard
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{62621555-6310-433D-983E-957D707DC535}" = ESET Smart Security
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66491E5A-7899-4863-A2E9-057E10BCB578}" = Samsung SecretZone
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{699C970F-1E17-3CD8-A2EA-87AB9EDEDFF4}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{6D3A83A6-8F72-4354-A80D-721D1E54FC76}" = Garmin City Navigator Europe NT 2012.20 Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7184F382-8A6C-4B85-A3AC-B63734B1E241}" = SAMSUNG Mobile USB Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{745877DC-8FFE-4E4C-ABBC-589B887A47D1}" = Virtual Sound Canvas DXi
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AFFE35D-047A-3D27-B204-1CD849933C02}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}" = MLE
"{804EC265-0837-4694-8324-7D385A08319F}" = Hearts of Iron III
"{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1" = Wtyczka e-Deklaracje
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85C977FB-2A5B-3223-8AC5-828558EAF7D9}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{88CF7ACB-6A31-4EB0-9BA3-5C54D314620C}_is1" = Pasek TVN24 wersja 1.13
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications ® Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications ® Core - English
"{91120415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1)
"{938C2383-A692-4D2C-AE45-024F91EF7B1D}" = CorelDRAW Graphics Suite X5 - PL
"{959282E3-55A9-49D8-B885-D27CF8A2FD82}" = PHOTOfunSTUDIO 5.0
"{97AFC99F-3E90-4A9F-B4BA-CFDDB9785FDC}" = Jupiter 2008 Standard
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9078D1-FA30-4E1B-A194-983A4898F848}" = Corel KPT Collection
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6EC5250-2E27-1B1C-2283-BBD468EEB1B9}" = e-Deklaracje
"{A7DEBAA4-B211-4D1A-A6B3-E52BFAAA1D0C}" = Garmin Communicator Plugin
"{A84C785A-0796-4BED-9BC3-EFB6C4F12602}" = Mirar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobilny Internet
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}" = Steinberg Cubase LE 4
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Polish
"{AC8A37CB-39AD-46C2-9AB5-F6FBE037CC57}" = Bentley MicroStation V8 XM Edition 08.09.04.44
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{B1FD6402-6414-42B6-BD77-22F43087D783}" = Gary Grigsby's World At War
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B8169E45-8E23-430B-91D1-EC64540C8ED0}" = HP User Guides 0103
"{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}" = Corel Graphics - Windows Shell Extension
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications ® Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DD876490-252F-4EEF-B205-2E8F5A6E523B}" = ProtectSmart Hard Drive Protection
"{DE4BF4BE-3CDC-43B5-BBDA-DDDA73103111}" = Corel PaintShop Photo Pro X3
"{DE612A3D-0DCC-4055-BB6A-0036F31158A0}" = Setup
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{DE8B9311-ADE7-4EDE-B121-326CAA3D225D}" = PSPPContent
"{DE99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_CL
"{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA
"{DEF1928A-FC01-48E7-A7E6-4651D42EF6A1}" = PSPPRO_DCRAW
"{DEF8C145-CC4F-4DAA-AD5C-E707C07AEE50}" = IPM_PSP_COM
"{DF4A2F61-1E26-4D51-94BB-36D77678BDAD}" = PSPH10Pro
"{DF4ABC2B-5CA9-48B2-9266-15AB78384D3C}" = Share
"{DF612A3D-0DCC-4055-BB6A-0036F31158A0}" = Setup
"{DF75FFEE-2FCE-4774-902A-749198C00A68}" = PureHD
"{DF99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_PRJ
"{DFAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA
"{DFBCC13A-E4F2-45EE-846F-D143CEDDDBCB}" = DeviceIO
"{DFC02397-E0EF-4891-820E-1547DCC6701B}" = ContentHD
"{DFC4FA35-7C6B-4C9E-863B-58C4D7472F41}" = VIO
"{DFD99A66-493F-468B-BCE1-6F88612B89D5}" = Contents
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F01B7EF4-F487-4948-AA18-5332FE5495C9}" = Medieval - Total War - Złota Edycja
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F37ACB45-F73B-47A2-BCE5-3019312D8A06}" = GPMapa 2009.3
"{F3BD8E81-C020-44F9-B014-1E0214D23556}" = SA30xx Media Converter
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"ALLConverter to 3GP_is1" = ALLConverter to 3GP
"ALLPlayer_is1" = ALLPlayer V4.X
"Alpha ASIO driver" = Lexicon Alpha ASIO (remove only)
"AOL Toolbar" = Pasek narzędzi AOL 5.0
"BattlesInNormandyv101" = Battles In Normandy v1.01
"BB_is1" = RealDrums Set 14
"blueconnect" = blueconnect
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Counter-Strike 1.6" = Counter-Strike 1.6
"Crown Of Glory1.10" = Crown Of Glory
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Pakiet sterowników systemu Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
"eMule" = eMule
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX200 Series" = EPSON Stylus SX200 Series Printer Uninstall
"EPSON Stylus SX200_SX400_TX200_TX400 Przewodnik użytkownika" = EPSON Stylus SX200_SX400_TX200_TX400 Podręcznik
"ForteDXi_is1" = ForteDXi 1.6
"Gadu-Gadu 10" = Gadu-Gadu 10
"GameSpy Arcade" = GameSpy Arcade
"Gary Grigsby's World At War1.040" = Gary Grigsby's World At War
"Google Chrome" = Google Chrome
"Guitar Pro 4.0.7" = Guitar Pro 4.0.7
"IK Multimedia Amplitube v1.3" = IK Multimedia Amplitube v1.3
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"InstallShield_{578920D9-66B7-4DBF-88EE-8E27D54C684F}" = Jupiter 2009 Standard
"InstallShield_{97AFC99F-3E90-4A9F-B4BA-CFDDB9785FDC}" = Jupiter 2008 Standard
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F01B7EF4-F487-4948-AA18-5332FE5495C9}" = Medieval - Total War - Złota Edycja
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Instrukcja użytkownika ESPR220" = Instrukcja użytkownika ESPR220
"ipla" = ipla 2.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.6.2 (Full)
"LexiconStudio" = Lexicon Pantheon VST Plug-in (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mistrz Klawiatury 1.0_is1" = Mistrz Klawiatury 1.0
"Mozilla Firefox 6.0 (x86 pl)" = Mozilla Firefox 6.0 (x86 pl)
"Narodziny Ameryki_is1" = Narodziny Ameryki
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Kontakt Player Sibelius" = Native Instruments Kontakt Player Sibelius
"Native Instruments Rig Kontrol 3" = Native Instruments Rig Kontrol 3
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"Neuratron PhotoScore Lite" = Neuratron PhotoScore Lite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"OpenAL" = OpenAL
"Pasek TVN24" = Pasek TVN24 1.11
"PG Music DirectX Plugins_is1" = PG Music DirectX Plugins 1.3.4.1
"Próba Czasu" = Cywilizacja II: Próba Czasu
"RealPlayer 6.0" = RealPlayer
"SAMSUNG Android USB Modem" = SAMSUNG Android USB Modem Software
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Download Driver" = SAMSUNG Mobile USB Download Driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Samsung Mobile USB Modem Device" = Samsung Mobile USB Modem Device Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"Sibelius 3" = Sibelius 3
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Steam App 34030" = Napoleon: Total War
"Steam App 63950" = IL-2 Sturmovik: Cliffs of Dover
"Syncrosoft License Control" = Syncrosoft License Control
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VASSAL (3.1.16)" = VASSAL (3.1.16)
"Vodei Multimedia Processor" = Vodei Multimedia Processor 2.10
"Waves GTR 3" = Waves GTR 3
"Wielka Encyklopedia Roślin" = Wielka Encyklopedia Roślin
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinKalk" = WinKalk
"WinRAR archiver" = Archiwizator WinRAR
"Xfire" = Xfire (remove only)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"DealAssistant" = DealAssistant
"VASSAL" = VASSAL

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-09-22 03:24:49 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-23 02:54:07 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-23 12:46:25 | Computer Name = KAROL-PC | Source = Google Update | ID = 20
Description =

Error - 2010-09-23 16:52:29 | Computer Name = KAROL-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd POWERPNT.EXE, wersja 11.0.8324.0, sygnatura
czasowa 0x4bc93678, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura
czasowa 0x49e03821, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003974e, identyfikator
procesu 0x1358, godzina rozpoczęcia aplikacji 0x01cb5b57f4676410.

Error - 2010-09-24 03:53:37 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-25 03:16:03 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-26 03:09:27 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-26 04:05:42 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-26 05:24:05 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-26 06:47:54 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

[ DigitalPersona Pro Events ]
Error - 2009-04-14 08:01:44 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2009-04-14 08:01:49 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2009-04-14 08:02:03 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2009-04-25 16:15:26 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2009-04-25 16:15:31 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2001-01-01 21:27:43 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2010-01-18 07:17:06 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827589
Description = DPHost cannot start. Error: 0x8009000f

[ Media Center Events ]
Error - 2009-03-25 03:16:47 | Computer Name = KAROL-PC | Source = MCUpdate | ID = 0
Description = Oczekiwanie na obiekt mutex funkcji MCUpdate nie powiodło się i zgłoszono
wyjątek: Oczekiwanie zakończone z powodu porzuconego elementu mutex..

Error - 2010-01-03 07:43:33 | Computer Name = KAROL-PC | Source = Media Center Guide | ID = 0
Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Nazwa obiektu: Media Center
Guide

Error - 2010-06-03 17:07:38 | Computer Name = KAROL-PC | Source = Media Center Guide | ID = 0
Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.WaitForUploadComplete
failed. Please try to ping www.msn.com prior to filing a bug.; Win32 GetLastError
returned 10000109 Proces: DefaultDomain Nazwa obiektu: Media Center Guide

[ System Events ]
Error - 2011-09-28 08:11:46 | Computer Name = KAROL-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2011-09-28 08:28:56 | Computer Name = KAROL-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 14:27:12 na 2011-09-28 było nieoczekiwane.

Error - 2011-09-28 08:29:35 | Computer Name = KAROL-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2011-09-28 08:31:42 | Computer Name = KAROL-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2011-09-28 10:30:23 | Computer Name = KAROL-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 16:00:47 na 2011-09-28 było nieoczekiwane.

Error - 2011-09-28 10:31:22 | Computer Name = KAROL-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2011-09-28 10:31:53 | Computer Name = KAROL-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2011-09-28 11:13:40 | Computer Name = KAROL-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 17:00:13 na 2011-09-28 było nieoczekiwane.

Error - 2011-09-28 11:14:57 | Computer Name = KAROL-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2011-09-28 11:15:08 | Computer Name = KAROL-PC | Source = Service Control Manager | ID = 7000
Description =

[ Translatica Events ]
Error - 2010-08-02 17:06:31 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-03 14:00:54 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-11 17:29:38 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-12 05:46:45 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-14 07:23:38 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-14 17:52:29 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-14 17:54:19 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-16 15:59:16 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-16 16:24:24 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-17 18:28:00 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.


< End of report >[/log]


When scanning with GMER, it crashes every time it gets to scanning the volumeshadowcopy3 file. :/
(only the program itself crashes, not Windows)

Guest
comment

[quote]When scanning with GMER, it crashes every time it gets to scanning the volumeshadowcopy3 file. :/[/quote]

Run an [b]MBRCheck[/b] scan and post the log from it: [url="http://www.hotfix.pl/wykrywanie-rootkitow-w-sektorze-mbr-mbrcheck-exe-a340.htm"]http://www.hotfix.pl/wykrywanie-rootkitow-w-sektorze-mbr-mbrcheck-exe-a340.htm[/url]

Perfer
comment (edited)

Log from MBRCheck:

[log]
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Compal
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv7 Notebook PC
Logical Drives Mask: 0x0000005c

Kernel Drivers (total 215):
0x8261A000 \SystemRoot\system32\ntkrnlpa.exe
0x829D3000 \SystemRoot\system32\hal.dll
0x80404000 \SystemRoot\system32\kdcom.dll
0x8040B000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8047B000 \SystemRoot\system32\PSHED.dll
0x8048C000 \SystemRoot\system32\BOOTVID.dll
0x80494000 \SystemRoot\system32\CLFS.SYS
0x804D5000 \SystemRoot\system32\CI.dll
0x8060B000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8067C000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8068A000 \SystemRoot\system32\drivers\acpi.sys
0x806D0000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806D9000 \SystemRoot\system32\drivers\msisadrv.sys
0x806E1000 \SystemRoot\system32\drivers\pci.sys
0x80708000 \SystemRoot\system32\drivers\isapnp.sys
0x80717000 \SystemRoot\system32\drivers\mpio.sys
0x80733000 \SystemRoot\System32\drivers\partmgr.sys
0x80742000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x80745000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8074F000 \SystemRoot\system32\drivers\volmgr.sys
0x8075E000 \SystemRoot\System32\drivers\volmgrx.sys
0x807A8000 \SystemRoot\system32\drivers\intelide.sys
0x807AF000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x807BD000 \SystemRoot\system32\drivers\pciide.sys
0x807C4000 \SystemRoot\system32\drivers\aliide.sys
0x807CB000 \SystemRoot\system32\drivers\amdide.sys
0x807D2000 \SystemRoot\system32\drivers\cmdide.sys
0x807DA000 \SystemRoot\System32\drivers\mountmgr.sys
0x805B5000 \SystemRoot\system32\drivers\msdsm.sys
0x805CF000 \SystemRoot\system32\drivers\nvraid.sys
0x8AC0E000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8AC2F000 \SystemRoot\system32\drivers\viaide.sys
0x8AC37000 \SystemRoot\system32\drivers\iastorv.sys
0x8ACD8000 \SystemRoot\system32\drivers\atapi.sys
0x8ACE0000 \SystemRoot\system32\drivers\ataport.SYS
0x8ACFE000 \SystemRoot\system32\drivers\lsi_scsi.sys
0x8AD18000 \SystemRoot\system32\drivers\storport.sys
0x8AD59000 \SystemRoot\system32\drivers\nvstor.sys
0x8AD66000 \SystemRoot\system32\drivers\msahci.sys
0x8AD70000 \SystemRoot\system32\drivers\hpcisss.sys
0x8AD7B000 \SystemRoot\system32\drivers\adp94xx.sys
0x8AE03000 \SystemRoot\system32\drivers\adpahci.sys
0x8AE4F000 \SystemRoot\system32\drivers\adpu160m.sys
0x8AE6A000 \SystemRoot\system32\drivers\SCSIPORT.SYS
0x8AE90000 \SystemRoot\system32\drivers\adpu320.sys
0x8AEB6000 \SystemRoot\system32\drivers\djsvs.sys
0x8AECA000 \SystemRoot\system32\drivers\arc.sys
0x8AEE0000 \SystemRoot\system32\drivers\arcsas.sys
0x8AEF6000 \SystemRoot\system32\drivers\elxstor.sys
0x8AF8A000 \SystemRoot\system32\drivers\i2omp.sys
0x8AF94000 \SystemRoot\system32\drivers\iirsp.sys
0x8AFA4000 \SystemRoot\system32\drivers\iteatapi.sys
0x8AFB0000 \SystemRoot\system32\drivers\iteraid.sys
0x8AFBC000 \SystemRoot\system32\drivers\lsi_fc.sys
0x8AFD6000 \SystemRoot\system32\drivers\lsi_sas.sys
0x8AFEE000 \SystemRoot\system32\drivers\megasas.sys
0x8B003000 \SystemRoot\system32\drivers\megasr.sys
0x8B0BA000 \SystemRoot\system32\drivers\mraid35x.sys
0x8B0C5000 \SystemRoot\system32\drivers\nfrd960.sys
0x8B20E000 \SystemRoot\system32\drivers\ql2300.sys
0x8B346000 \SystemRoot\system32\drivers\ql40xx.sys
0x8B39B000 \SystemRoot\system32\drivers\sisraid2.sys
0x8B3A8000 \SystemRoot\system32\drivers\sisraid4.sys
0x8B3BD000 \SystemRoot\system32\drivers\symc8xx.sys
0x8B3C9000 \SystemRoot\system32\drivers\sym_hi.sys
0x8B3D4000 \SystemRoot\system32\drivers\sym_u3.sys
0x8B0D3000 \SystemRoot\system32\drivers\uliahci.sys
0x8B3DF000 \SystemRoot\system32\drivers\ulsata.sys
0x8B10F000 \SystemRoot\system32\drivers\ulsata2.sys
0x8B13B000 \SystemRoot\system32\drivers\vsmraid.sys
0x8B15C000 \SystemRoot\system32\drivers\fltmgr.sys
0x8B18E000 \SystemRoot\system32\drivers\fileinfo.sys
0x8B40D000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8B47E000 \SystemRoot\system32\drivers\ndis.sys
0x8B589000 \SystemRoot\system32\drivers\msrpc.sys
0x8B5B4000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B609000 \SystemRoot\System32\drivers\tcpip.sys
0x8B6F3000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B801000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B911000 \SystemRoot\system32\drivers\wd.sys
0x8B919000 \SystemRoot\system32\drivers\volsnap.sys
0x8B952000 \SystemRoot\System32\Drivers\spldr.sys
0x8B95A000 \SystemRoot\system32\drivers\sbp2port.sys
0x8B96F000 \SystemRoot\System32\Drivers\mup.sys
0x8B97E000 \SystemRoot\System32\drivers\ecache.sys
0x8B9A5000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x8B9AE000 \SystemRoot\system32\drivers\disk.sys
0x8B9BF000 \SystemRoot\system32\drivers\crcdisk.sys
0x8B9EA000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8B70E000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8B9F5000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8FA02000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x903E8000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x8B71D000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x903EA000 \SystemRoot\System32\drivers\watchdog.sys
0x8B7BE000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8B19E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8B7C9000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x9040E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x90600000 \SystemRoot\system32\DRIVERS\NETw5v32.sys
0x90989000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
0x909AB000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x909BB000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x909C9000 \SystemRoot\system32\DRIVERS\jmcr.sys
0x909E0000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x909F3000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x9049B000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x904A6000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x909F8000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x904D6000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x904E1000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x909FA000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x904F9000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x90504000 \SystemRoot\system32\DRIVERS\enecir.sys
0x9051C000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x90525000 \SystemRoot\system32\DRIVERS\Epfwndis.sys
0x90530000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x9055F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x9056A000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x90581000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x9058C000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x905AF000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x905BE000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x905D2000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x905E7000 \SystemRoot\system32\DRIVERS\termdd.sys
0x905F7000 \SystemRoot\system32\DRIVERS\swenum.sys
0x90E0F000 \SystemRoot\system32\DRIVERS\ks.sys
0x90E39000 \SystemRoot\system32\DRIVERS\circlass.sys
0x90E47000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x90E51000 \SystemRoot\system32\DRIVERS\umbus.sys
0x90E5E000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x90E93000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x90EA4000 \SystemRoot\system32\DRIVERS\stwrt.sys
0x90F06000 \SystemRoot\system32\DRIVERS\portcls.sys
0x90F33000 \SystemRoot\system32\DRIVERS\drmk.sys
0x90F58000 \SystemRoot\system32\drivers\nvhda32v.sys
0x90F7D000 \SystemRoot\system32\DRIVERS\hidir.sys
0x90F88000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x90F98000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x90F9F000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x90FA8000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x90FB0000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x90FB9000 \SystemRoot\System32\Drivers\Null.SYS
0x90FC0000 \SystemRoot\System32\Drivers\Beep.SYS
0x90FC7000 \SystemRoot\system32\DRIVERS\ehdrv.sys
0x90FE6000 \SystemRoot\System32\drivers\vga.sys
0x8B7D8000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x90FF2000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x90E00000 \SystemRoot\system32\drivers\rdpencdd.sys
0x90400000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8B5EF000 \SystemRoot\System32\Drivers\Npfs.SYS
0x903F6000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8B1DC000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8ADE5000 \SystemRoot\system32\DRIVERS\smb.sys
0x91608000 \SystemRoot\system32\drivers\afd.sys
0x91650000 \SystemRoot\System32\DRIVERS\netbt.sys
0x91682000 \SystemRoot\system32\DRIVERS\pacer.sys
0x91698000 \SystemRoot\system32\DRIVERS\netbios.sys
0x916A6000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x916B9000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x916F5000 \SystemRoot\system32\drivers\nsiproxy.sys
0x916FF000 \??\C:\Program Files\Clarus\Samsung SecretZone\mvd17.sys
0x9170E000 \??\C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys
0x91717000 \SystemRoot\System32\Drivers\dfsc.sys
0x9172E000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x9173B000 \SystemRoot\System32\Drivers\bthport.sys
0x917BB000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x917D2000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x92A06000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x92A2F000 \SystemRoot\system32\DRIVERS\BthEnum.sys
0x92A39000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x92A53000 \SystemRoot\system32\DRIVERS\bthmodem.sys
0x92A62000 \SystemRoot\system32\drivers\modem.sys
0x92A6F000 \SystemRoot\system32\drivers\btwavdt.sys
0x92ADA000 \SystemRoot\system32\drivers\btwaudio.sys
0x92B5A000 \SystemRoot\system32\DRIVERS\btwrchid.sys
0x92B5D000 \SystemRoot\system32\drivers\vfs101x.sys
0x92B6A000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x92B80000 \SystemRoot\System32\Drivers\usbvideo.sys
0x92BA1000 \SystemRoot\System32\Drivers\crashdmp.sys
0x92BAE000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x92BB9000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x9B490000 \SystemRoot\System32\win32k.sys
0x92BC3000 \SystemRoot\System32\drivers\Dxapi.sys
0x92BCD000 \SystemRoot\system32\DRIVERS\monitor.sys
0x9B6B0000 \SystemRoot\System32\TSDDD.dll
0x9B6D0000 \SystemRoot\System32\cdd.dll
0x92BDC000 \SystemRoot\system32\drivers\luafv.sys
0x9F40D000 \SystemRoot\system32\DRIVERS\eamonm.sys
0x9F4B3000 \SystemRoot\system32\DRIVERS\epfw.sys
0x9F4D5000 \SystemRoot\system32\drivers\spsys.sys
0x9F585000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9F595000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9F5BF000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9F5C9000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA2005000 \SystemRoot\system32\drivers\HTTP.sys
0xA2072000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA208F000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA20A8000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA20BD000 \SystemRoot\system32\drivers\mrxdav.sys
0xA20DE000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA20FD000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA2136000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA214E000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA2175000 \SystemRoot\System32\DRIVERS\srv.sys
0xA21DB000 \SystemRoot\system32\DRIVERS\epfwwfp.sys
0xA4A07000 \SystemRoot\system32\drivers\peauth.sys
0xA4AE5000 \??\C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys
0xA4B0D000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA4B17000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA4B25000 \??\C:\Windows\system32\FsUsbExDisk.SYS
0xA4B2E000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xA4B43000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xA4B58000 \SystemRoot\system32\DRIVERS\WUDFPf.sys
0x77BA0000 \Windows\System32\ntdll.dll

Processes (total 99):
0 System Idle Process
4 SYSTEM
516 C:\Windows\System32\smss.exe
604 csrss.exe
656 C:\Windows\System32\wininit.exe
672 csrss.exe
704 C:\Windows\System32\services.exe
720 C:\Windows\System32\lsass.exe
728 C:\Windows\System32\lsm.exe
876 C:\Windows\System32\svchost.exe
920 C:\Windows\System32\nvvsvc.exe
952 C:\Windows\System32\svchost.exe
992 C:\Windows\System32\winlogon.exe
1084 C:\Windows\System32\svchost.exe
1108 C:\Windows\System32\svchost.exe
1120 C:\Windows\System32\svchost.exe
1164 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe
1220 C:\Windows\System32\audiodg.exe
1344 C:\Windows\System32\svchost.exe
1376 C:\Windows\System32\SLsvc.exe
1432 C:\Windows\System32\svchost.exe
1528 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1540 C:\Windows\System32\nvvsvc.exe
1560 C:\Windows\System32\hpservice.exe
1696 C:\Windows\System32\vfsFPService.exe
1756 C:\Windows\System32\svchost.exe
1968 C:\Windows\System32\spoolsv.exe
1980 C:\Windows\System32\taskeng.exe
2000 C:\Program Files\DigitalPersona\Bin\DpHostW.exe
424 C:\Windows\System32\svchost.exe
524 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
2052 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe
2080 C:\Windows\System32\svchost.exe
2100 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2132 C:\Program Files\Bonjour\mDNSResponder.exe
2148 C:\Windows\System32\svchost.exe
2172 C:\Program Files\ESET\ESET Smart Security\ekrn.exe
2316 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
2328 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
2348 C:\Windows\System32\FsUsbExService.Exe
2376 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
2416 C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
2444 C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
2480 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
2516 C:\Windows\System32\PnkBstrA.exe
2528 C:\Windows\System32\svchost.exe
2544 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
2564 C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2588 C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
2612 C:\Windows\SMINST\BLService.exe
2636 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2708 C:\Windows\System32\svchost.exe
2760 C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe
2788 C:\Windows\System32\svchost.exe
2812 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
2832 C:\Windows\System32\SearchIndexer.exe
3200 WmiPrvSE.exe
3272 C:\Windows\servicing\TrustedInstaller.exe
3460 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
3768 C:\Windows\System32\taskeng.exe
3780 C:\Windows\System32\dwm.exe
3860 C:\Windows\explorer.exe
4028 WUDFHost.exe
1772 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
532 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
388 C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
2700 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
2900 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
3028 C:\Program Files\DigitalPersona\Bin\DpAgent.exe
2704 C:\Program Files\Netia\Mobilny Internet\UIExec.exe
1392 C:\Program Files\blueconnect\DataCardMonitor.exe
3260 C:\Program Files\ESET\ESET Smart Security\egui.exe
2976 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3448 C:\Program Files\Common Files\Corel\Standby\Standby.exe
3452 C:\Program Files\iTunes\iTunesHelper.exe
936 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
832 C:\Windows\ehome\ehtray.exe
3064 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3712 C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEFE.EXE
3788 C:\Program Files\Windows Media Player\wmpnscfg.exe
3760 C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
3752 C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
3820 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
2668 C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
3840 C:\Windows\ehome\ehmsas.exe
3384 C:\Program Files\Windows Media Player\wmpnetwk.exe
3304 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
3396 WmiPrvSE.exe
4276 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
4440 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
4528 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4676 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
5120 C:\Program Files\iPod\bin\iPodService.exe
5160 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
5456 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
460 C:\Windows\System32\conime.exe
2408 C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
1260 C:\Users\KAROL\Desktop\MBRCheck.exe
5664 C:\Windows\System32\wbem\WMIADAP.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000048`85400000 (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-60ZCT0, Rev: 12.01A12

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 08F21ADD893776C287CC68A3558F8D095B50ED3C


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
[/log]

P.S. How come ESET 4 doesn't detect this? (I don't mean cleaning/removing it, just the detection itself.) Did it have to be installed at a point when this was already there, or does it simply not handle this because it doesn't dig that deep into system files? BTW, thanks for helping me!

Guest

1. Uninstall Daemon Tools and remove the [b]SPTD[/b] driver - instructions: [url="http://www.fixitpc.pl/forum-38/announcement-2-wazne-oprogramowanie-emulujace-napedy/"]http://www.fixitpc.p...ulujace-napedy/[/url]
2. Run Kaspersky [b]TDSSKiller[/b] [url="http://support.kaspersky.com/pl/faq/?qid=208283359"]http://support.kaspe.../?qid=208283359[/url]
If Kaspersky finds anything, do not remove anything (set the options to SKIP); just post the log from the scan.

Perfer

TDSSKiller scan:
[log]
18:46:09.0037 5488 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
18:46:09.0234 5488 ============================================================
18:46:09.0234 5488 Current date / time: 2011/09/29 18:46:09.0234
18:46:09.0234 5488 SystemInfo:
18:46:09.0234 5488
18:46:09.0234 5488 OS Version: 6.0.6002 ServicePack: 2.0
18:46:09.0234 5488 Product type: Workstation
18:46:09.0234 5488 ComputerName: KAROL-PC
18:46:09.0234 5488 UserName: KAROL
18:46:09.0234 5488 Windows directory: C:\Windows
18:46:09.0234 5488 System windows directory: C:\Windows
18:46:09.0234 5488 Processor architecture: Intel x86
18:46:09.0234 5488 Number of processors: 2
18:46:09.0234 5488 Page size: 0x1000
18:46:09.0235 5488 Boot type: Normal boot
18:46:09.0235 5488 ============================================================
18:46:10.0383 5488 Initialize success
18:46:15.0198 4236 ============================================================
18:46:15.0198 4236 Scan started
18:46:15.0198 4236 Mode: Manual; SigCheck; TDLFS;
18:46:15.0198 4236 ============================================================
18:46:15.0827 4236 Accelerometer (aef9ee4451d5c46370142cb06d0f3591) C:\Windows\system32\DRIVERS\Accelerometer.sys
18:46:15.0906 4236 Accelerometer - ok
18:46:15.0951 4236 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
18:46:15.0971 4236 ACPI - ok
18:46:16.0049 4236 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
18:46:16.0143 4236 adp94xx - ok
18:46:16.0160 4236 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
18:46:16.0172 4236 adpahci - ok
18:46:16.0217 4236 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
18:46:16.0228 4236 adpu160m - ok
18:46:16.0246 4236 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
18:46:16.0258 4236 adpu320 - ok
18:46:16.0318 4236 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
18:46:16.0344 4236 AFD - ok
18:46:16.0367 4236 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
18:46:16.0376 4236 agp440 - ok
18:46:16.0401 4236 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
18:46:16.0413 4236 aic78xx - ok
18:46:16.0461 4236 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
18:46:16.0470 4236 aliide - ok
18:46:16.0492 4236 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
18:46:16.0502 4236 amdagp - ok
18:46:16.0515 4236 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
18:46:16.0524 4236 amdide - ok
18:46:16.0549 4236 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
18:46:16.0573 4236 AmdK7 - ok
18:46:16.0589 4236 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
18:46:16.0614 4236 AmdK8 - ok
18:46:16.0642 4236 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
18:46:16.0651 4236 arc - ok
18:46:16.0663 4236 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
18:46:16.0674 4236 arcsas - ok
18:46:16.0709 4236 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
18:46:16.0732 4236 AsyncMac - ok
18:46:16.0755 4236 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
18:46:16.0766 4236 atapi - ok
18:46:16.0809 4236 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
18:46:16.0857 4236 BCM43XV - ok
18:46:16.0889 4236 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
18:46:16.0912 4236 Beep - ok
18:46:16.0942 4236 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
18:46:16.0971 4236 blbdrive - ok
18:46:17.0015 4236 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
18:46:17.0041 4236 bowser - ok
18:46:17.0060 4236 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
18:46:17.0078 4236 BrFiltLo - ok
18:46:17.0099 4236 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
18:46:17.0118 4236 BrFiltUp - ok
18:46:17.0143 4236 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
18:46:17.0186 4236 Brserid - ok
18:46:17.0205 4236 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
18:46:17.0248 4236 BrSerWdm - ok
18:46:17.0266 4236 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
18:46:17.0308 4236 BrUsbMdm - ok
18:46:17.0331 4236 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
18:46:17.0373 4236 BrUsbSer - ok
18:46:17.0415 4236 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
18:46:17.0433 4236 BthEnum - ok
18:46:17.0468 4236 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
18:46:17.0486 4236 BTHMODEM - ok
18:46:17.0520 4236 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
18:46:17.0545 4236 BthPan - ok
18:46:17.0579 4236 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
18:46:17.0604 4236 BTHPORT - ok
18:46:17.0641 4236 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
18:46:17.0660 4236 BTHUSB - ok
18:46:17.0688 4236 btwaudio (229b2c1e776062a4033305d5a9d6e28d) C:\Windows\system32\drivers\btwaudio.sys
18:46:17.0758 4236 btwaudio - ok
18:46:17.0779 4236 btwavdt (97062053359f6908e1fb2791bfa54734) C:\Windows\system32\drivers\btwavdt.sys
18:46:17.0787 4236 btwavdt - ok
18:46:17.0802 4236 btwrchid (d9269b0e3e3cf46d677fd071a40fe6cd) C:\Windows\system32\DRIVERS\btwrchid.sys
18:46:17.0808 4236 btwrchid - ok
18:46:17.0831 4236 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
18:46:17.0856 4236 cdfs - ok
18:46:17.0898 4236 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
18:46:17.0954 4236 cdrom - ok
18:46:17.0977 4236 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
18:46:18.0002 4236 circlass - ok
18:46:18.0045 4236 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
18:46:18.0062 4236 CLFS - ok
18:46:18.0113 4236 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
18:46:18.0137 4236 CmBatt - ok
18:46:18.0158 4236 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
18:46:18.0167 4236 cmdide - ok
18:46:18.0182 4236 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
18:46:18.0191 4236 Compbatt - ok
18:46:18.0207 4236 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
18:46:18.0216 4236 crcdisk - ok
18:46:18.0238 4236 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
18:46:18.0263 4236 Crusoe - ok
18:46:18.0331 4236 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
18:46:18.0349 4236 DfsC - ok
18:46:18.0380 4236 DfuUsb (0819d9af77d51b1c397d1097aa5bfddc) C:\Windows\system32\DRIVERS\DFUUsb.sys
18:46:18.0384 4236 DfuUsb ( UnsignedFile.Multi.Generic ) - warning
18:46:18.0384 4236 DfuUsb - detected UnsignedFile.Multi.Generic (1)
18:46:18.0428 4236 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
18:46:18.0457 4236 disk - ok
18:46:18.0482 4236 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
18:46:18.0501 4236 drmkaud - ok
18:46:18.0553 4236 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
18:46:18.0632 4236 DXGKrnl - ok
18:46:18.0673 4236 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
18:46:18.0723 4236 E1G60 - ok
18:46:18.0834 4236 eamonm (73ce42907cf42bfb91bcd27fe7c7a7af) C:\Windows\system32\DRIVERS\eamonm.sys
18:46:18.0842 4236 eamonm - ok
18:46:18.0891 4236 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
18:46:18.0902 4236 Ecache - ok
18:46:18.0964 4236 ehdrv (7d300a43a7bd8769e0f901bf9e1ae367) C:\Windows\system32\DRIVERS\ehdrv.sys
18:46:18.0974 4236 ehdrv - ok
18:46:19.0058 4236 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
18:46:19.0078 4236 elxstor - ok
18:46:19.0130 4236 enecir (4cd6b056c5fd9e97c06fe74c81479517) C:\Windows\system32\DRIVERS\enecir.sys
18:46:19.0141 4236 enecir - ok
18:46:19.0209 4236 epfw (15bfe00f030ea20955117bb0677e9668) C:\Windows\system32\DRIVERS\epfw.sys
18:46:19.0219 4236 epfw - ok
18:46:19.0298 4236 Epfwndis (52310e0e603d7da79ecca7d764937a91) C:\Windows\system32\DRIVERS\Epfwndis.sys
18:46:19.0304 4236 Epfwndis - ok
18:46:19.0354 4236 epfwwfp (235250a79cf1e16a5a42407cfe3f6a4c) C:\Windows\system32\DRIVERS\epfwwfp.sys
18:46:19.0361 4236 epfwwfp - ok
18:46:19.0411 4236 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
18:46:19.0435 4236 ErrDev - ok
18:46:19.0487 4236 ewusbnet - ok
18:46:19.0536 4236 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
18:46:19.0552 4236 exfat - ok
18:46:19.0593 4236 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
18:46:19.0619 4236 fastfat - ok
18:46:19.0638 4236 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
18:46:19.0661 4236 fdc - ok
18:46:19.0689 4236 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
18:46:19.0697 4236 FileInfo - ok
18:46:19.0718 4236 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
18:46:19.0743 4236 Filetrace - ok
18:46:19.0758 4236 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
18:46:19.0781 4236 flpydisk - ok
18:46:19.0829 4236 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
18:46:19.0841 4236 FltMgr - ok
18:46:19.0944 4236 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
18:46:19.0950 4236 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
18:46:19.0950 4236 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
18:46:19.0991 4236 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
18:46:20.0009 4236 Fs_Rec - ok
18:46:20.0030 4236 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
18:46:20.0040 4236 gagp30kx - ok
18:46:20.0077 4236 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:46:20.0084 4236 GEARAspiWDM - ok
18:46:20.0166 4236 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
18:46:20.0179 4236 HdAudAddService - ok
18:46:20.0241 4236 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:46:20.0283 4236 HDAudBus - ok
18:46:20.0323 4236 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:46:20.0366 4236 HidBth - ok
18:46:20.0396 4236 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
18:46:20.0414 4236 HidIr - ok
18:46:20.0468 4236 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
18:46:20.0486 4236 HidUsb - ok
18:46:20.0508 4236 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
18:46:20.0516 4236 HpCISSs - ok
18:46:20.0565 4236 hpdskflt (64637b65c90df48c94bb9346afb3ac61) C:\Windows\system32\DRIVERS\hpdskflt.sys
18:46:20.0571 4236 hpdskflt - ok
18:46:20.0602 4236 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:46:20.0612 4236 HpqKbFiltr - ok
18:46:20.0646 4236 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:46:20.0672 4236 HSFHWAZL - ok
18:46:20.0712 4236 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
18:46:20.0768 4236 HSF_DPV - ok
18:46:20.0831 4236 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\Windows\system32\Drivers\ANDROIDUSB.sys
18:46:20.0844 4236 HTCAND32 - ok
18:46:20.0882 4236 htcnprot (52395a94c127c0266d1c0f3cce8a4345) C:\Windows\system32\DRIVERS\htcnprot.sys
18:46:20.0893 4236 htcnprot - ok
18:46:20.0937 4236 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
18:46:20.0956 4236 HTTP - ok
18:46:20.0967 4236 huawei_enumerator - ok
18:46:20.0987 4236 hwdatacard - ok
18:46:21.0035 4236 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
18:46:21.0044 4236 i2omp - ok
18:46:21.0093 4236 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
18:46:21.0113 4236 i8042prt - ok
18:46:21.0133 4236 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
18:46:21.0145 4236 iaStorV - ok
18:46:21.0169 4236 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:46:21.0177 4236 iirsp - ok
18:46:21.0205 4236 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
18:46:21.0213 4236 intelide - ok
18:46:21.0234 4236 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
18:46:21.0260 4236 intelppm - ok
18:46:21.0278 4236 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:46:21.0322 4236 IpFilterDriver - ok
18:46:21.0335 4236 IpInIp - ok
18:46:21.0363 4236 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
18:46:21.0387 4236 IPMIDRV - ok
18:46:21.0403 4236 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:46:21.0430 4236 IPNAT - ok
18:46:21.0471 4236 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:46:21.0496 4236 IRENUM - ok
18:46:21.0515 4236 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
18:46:21.0524 4236 isapnp - ok
18:46:21.0579 4236 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
18:46:21.0594 4236 iScsiPrt - ok
18:46:21.0619 4236 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:46:21.0627 4236 iteatapi - ok
18:46:21.0653 4236 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:46:21.0662 4236 iteraid - ok
18:46:21.0685 4236 JMCR (da971cfc625d13636e04c405948e9d62) C:\Windows\system32\DRIVERS\jmcr.sys
18:46:21.0702 4236 JMCR - ok
18:46:21.0716 4236 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:46:21.0726 4236 kbdclass - ok
18:46:21.0774 4236 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
18:46:21.0793 4236 kbdhid - ok
18:46:21.0844 4236 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
18:46:21.0868 4236 KSecDD - ok
18:46:21.0944 4236 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:46:21.0968 4236 lltdio - ok
18:46:21.0990 4236 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
18:46:22.0000 4236 LSI_FC - ok
18:46:22.0027 4236 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
18:46:22.0038 4236 LSI_SAS - ok
18:46:22.0051 4236 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
18:46:22.0062 4236 LSI_SCSI - ok
18:46:22.0075 4236 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:46:22.0102 4236 luafv - ok
18:46:22.0135 4236 MailScan - ok
18:46:22.0175 4236 massfilter (59a2783aba6019bed0c843c706e10a6a) C:\Windows\system32\drivers\massfilter.sys
18:46:22.0186 4236 massfilter - ok
18:46:22.0236 4236 mdf15 (2c9959e7fbbc4b17470912ddd50426f2) C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys
18:46:22.0241 4236 mdf15 ( UnsignedFile.Multi.Generic ) - warning
18:46:22.0241 4236 mdf15 - detected UnsignedFile.Multi.Generic (1)
18:46:22.0278 4236 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
18:46:22.0288 4236 megasas - ok
18:46:22.0326 4236 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
18:46:22.0342 4236 MegaSR - ok
18:46:22.0386 4236 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
18:46:22.0411 4236 Modem - ok
18:46:22.0457 4236 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
18:46:22.0482 4236 monitor - ok
18:46:22.0521 4236 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
18:46:22.0531 4236 mouclass - ok
18:46:22.0554 4236 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
18:46:22.0578 4236 mouhid - ok
18:46:22.0602 4236 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
18:46:22.0611 4236 MountMgr - ok
18:46:22.0624 4236 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
18:46:22.0639 4236 mpio - ok
18:46:22.0664 4236 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
18:46:22.0683 4236 mpsdrv - ok
18:46:22.0712 4236 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:46:22.0721 4236 Mraid35x - ok
18:46:22.0750 4236 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
18:46:22.0763 4236 MRxDAV - ok
18:46:22.0799 4236 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:46:22.0813 4236 mrxsmb - ok
18:46:22.0837 4236 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:46:22.0853 4236 mrxsmb10 - ok
18:46:22.0866 4236 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:46:22.0880 4236 mrxsmb20 - ok
18:46:22.0945 4236 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
18:46:22.0955 4236 msahci - ok
18:46:22.0986 4236 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
18:46:22.0995 4236 msdsm - ok
18:46:23.0017 4236 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
18:46:23.0042 4236 Msfs - ok
18:46:23.0059 4236 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
18:46:23.0067 4236 msisadrv - ok
18:46:23.0088 4236 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
18:46:23.0111 4236 MSKSSRV - ok
18:46:23.0125 4236 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
18:46:23.0149 4236 MSPCLOCK - ok
18:46:23.0172 4236 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
18:46:23.0195 4236 MSPQM - ok
18:46:23.0245 4236 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
18:46:23.0260 4236 MsRPC - ok
18:46:23.0284 4236 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
18:46:23.0293 4236 mssmbios - ok
18:46:23.0308 4236 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
18:46:23.0333 4236 MSTEE - ok
18:46:23.0351 4236 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
18:46:23.0361 4236 Mup - ok
18:46:23.0408 4236 mvd17 (5e7782f9f87c740f97eaab131ea54562) C:\Program Files\Clarus\Samsung SecretZone\mvd17.sys
18:46:23.0413 4236 mvd17 ( UnsignedFile.Multi.Generic ) - warning
18:46:23.0413 4236 mvd17 - detected UnsignedFile.Multi.Generic (1)
18:46:23.0465 4236 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
18:46:23.0478 4236 NativeWifiP - ok
18:46:23.0529 4236 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
18:46:23.0567 4236 NDIS - ok
18:46:23.0631 4236 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
18:46:23.0650 4236 NdisTapi - ok
18:46:23.0672 4236 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
18:46:23.0695 4236 Ndisuio - ok
18:46:23.0737 4236 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:46:23.0758 4236 NdisWan - ok
18:46:23.0779 4236 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
18:46:23.0799 4236 NDProxy - ok
18:46:23.0837 4236 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:46:23.0861 4236 NetBIOS - ok
18:46:23.0902 4236 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
18:46:23.0925 4236 netbt - ok
18:46:24.0062 4236 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys
18:46:24.0254 4236 NETw5v32 - ok
18:46:24.0268 4236 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:46:24.0278 4236 nfrd960 - ok
18:46:24.0346 4236 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
18:46:24.0366 4236 Npfs - ok
18:46:24.0407 4236 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:46:24.0430 4236 nsiproxy - ok
18:46:24.0504 4236 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
18:46:24.0564 4236 Ntfs - ok
18:46:24.0594 4236 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:46:24.0636 4236 ntrigdigi - ok
18:46:24.0659 4236 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:46:24.0683 4236 Null - ok
18:46:24.0713 4236 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys
18:46:24.0763 4236 NVENETFD - ok
18:46:24.0810 4236 NVHDA (0e616537f3e12d4c9fb71181c2f21bd5) C:\Windows\system32\drivers\nvhda32v.sys
18:46:24.0820 4236 NVHDA - ok
18:46:25.0090 4236 nvlddmkm (4152708c0c24e30dae7fa87d5afe1d7b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:46:25.0610 4236 nvlddmkm - ok
18:46:25.0660 4236 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
18:46:25.0670 4236 nvraid - ok
18:46:25.0683 4236 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
18:46:25.0692 4236 nvstor - ok
18:46:25.0745 4236 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
18:46:25.0754 4236 nv_agp - ok
18:46:25.0767 4236 NwlnkFlt - ok
18:46:25.0781 4236 NwlnkFwd - ok
18:46:25.0829 4236 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
18:46:25.0847 4236 ohci1394 - ok
18:46:25.0913 4236 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:46:25.0957 4236 Parport - ok
18:46:26.0003 4236 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
18:46:26.0033 4236 partmgr - ok
18:46:26.0056 4236 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:46:26.0098 4236 Parvdm - ok
18:46:26.0141 4236 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
18:46:26.0153 4236 pci - ok
18:46:26.0176 4236 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
18:46:26.0185 4236 pciide - ok
18:46:26.0209 4236 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
18:46:26.0219 4236 pcmcia - ok
18:46:26.0262 4236 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:46:26.0351 4236 PEAUTH - ok
18:46:26.0426 4236 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:46:26.0450 4236 PptpMiniport - ok
18:46:26.0470 4236 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
18:46:26.0494 4236 Processor - ok
18:46:26.0547 4236 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
18:46:26.0566 4236 PSched - ok
18:46:26.0642 4236 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
18:46:26.0700 4236 ql2300 - ok
18:46:26.0723 4236 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:46:26.0732 4236 ql40xx - ok
18:46:26.0766 4236 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:46:26.0778 4236 QWAVEdrv - ok
18:46:26.0797 4236 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:46:26.0820 4236 RasAcd - ok
18:46:26.0846 4236 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:46:26.0869 4236 Rasl2tp - ok
18:46:26.0926 4236 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
18:46:26.0944 4236 RasPppoe - ok
18:46:26.0998 4236 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
18:46:27.0021 4236 RasSstp - ok
18:46:27.0071 4236 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
18:46:27.0092 4236 rdbss - ok
18:46:27.0106 4236 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:46:27.0130 4236 RDPCDD - ok
18:46:27.0179 4236 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
18:46:27.0205 4236 rdpdr - ok
18:46:27.0218 4236 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:46:27.0242 4236 RDPENCDD - ok
18:46:27.0269 4236 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
18:46:27.0288 4236 RDPWD - ok
18:46:27.0346 4236 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
18:46:27.0365 4236 RFCOMM - ok
18:46:27.0422 4236 rig3avs (afebc6dd529c46f83906b5f45a403b19) C:\Windows\system32\Drivers\rig3avs.sys
18:46:27.0436 4236 rig3avs - ok
18:46:27.0494 4236 rig3usb (d21e56840b37719e16ca1e8d7851ce2a) C:\Windows\system32\Drivers\rig3usb.sys
18:46:27.0502 4236 rig3usb - ok
18:46:27.0520 4236 rig3usb_svc (d21e56840b37719e16ca1e8d7851ce2a) C:\Windows\system32\Drivers\rig3usb.sys
18:46:27.0527 4236 rig3usb_svc - ok
18:46:27.0564 4236 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:46:27.0587 4236 rspndr - ok
18:46:27.0609 4236 RTL8169 (2fc33077f85d7dc0d03678c06d43898c) C:\Windows\system32\DRIVERS\Rtlh86.sys
18:46:27.0630 4236 RTL8169 - ok
18:46:27.0684 4236 RVIEG01 (93f66faea8bf047d4242ac85aada403d) C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys
18:46:27.0692 4236 RVIEG01 ( UnsignedFile.Multi.Generic ) - warning
18:46:27.0692 4236 RVIEG01 - detected UnsignedFile.Multi.Generic (1)
18:46:27.0721 4236 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:46:27.0730 4236 sbp2port - ok
18:46:27.0741 4236 SBRE - ok
18:46:27.0781 4236 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
18:46:27.0805 4236 sdbus - ok
18:46:27.0828 4236 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:46:27.0870 4236 secdrv - ok
18:46:27.0896 4236 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:46:27.0937 4236 Serenum - ok
18:46:27.0957 4236 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:46:28.0002 4236 Serial - ok
18:46:28.0031 4236 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:46:28.0054 4236 sermouse - ok
18:46:28.0082 4236 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
18:46:28.0100 4236 sffdisk - ok
18:46:28.0125 4236 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
18:46:28.0149 4236 sffp_mmc - ok
18:46:28.0165 4236 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
18:46:28.0188 4236 sffp_sd - ok
18:46:28.0203 4236 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:46:28.0245 4236 sfloppy - ok
18:46:28.0279 4236 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
18:46:28.0289 4236 sisagp - ok
18:46:28.0330 4236 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
18:46:28.0339 4236 SiSRaid2 - ok
18:46:28.0368 4236 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
18:46:28.0377 4236 SiSRaid4 - ok
18:46:28.0431 4236 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
18:46:28.0450 4236 Smb - ok
18:46:28.0483 4236 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:46:28.0491 4236 spldr - ok
18:46:28.0554 4236 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys
18:46:28.0593 4236 sptd - ok
18:46:28.0646 4236 srv (96a5e2c642af8f591a7366429809506b) C:\Windows\system32\DRIVERS\srv.sys
18:46:28.0661 4236 srv - ok
18:46:28.0709 4236 srv2 (71da2d64880c97e5ffc3c81761632751) C:\Windows\system32\DRIVERS\srv2.sys
18:46:28.0723 4236 srv2 - ok
18:46:28.0766 4236 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys
18:46:28.0779 4236 srvnet - ok
18:46:28.0844 4236 ss_bbus (eaa66218cd39f5bb1b4853a78c67c787) C:\Windows\system32\DRIVERS\ss_bbus.sys
18:46:28.0851 4236 ss_bbus - ok
18:46:28.0902 4236 ss_bmdfl (91765f99914ed8693d8bc76524f21581) C:\Windows\system32\DRIVERS\ss_bmdfl.sys
18:46:28.0909 4236 ss_bmdfl - ok
18:46:28.0970 4236 ss_bmdm (840e7b738b03c10ee91d9b7d3d6eff15) C:\Windows\system32\DRIVERS\ss_bmdm.sys
18:46:28.0978 4236 ss_bmdm - ok
18:46:29.0046 4236 STHDA (21cc262ab5f42f7a6b91dc7304c2f267) C:\Windows\system32\DRIVERS\stwrt.sys
18:46:29.0062 4236 STHDA - ok
18:46:29.0117 4236 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:46:29.0126 4236 swenum - ok
18:46:29.0145 4236 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:46:29.0153 4236 Symc8xx - ok
18:46:29.0175 4236 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:46:29.0184 4236 Sym_hi - ok
18:46:29.0197 4236 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:46:29.0206 4236 Sym_u3 - ok
18:46:29.0240 4236 SynasUSB (e46088b882e6315518630e249ddf958c) C:\Windows\system32\drivers\SynasUSB.sys
18:46:29.0247 4236 SynasUSB - ok
18:46:29.0300 4236 SynTP (f5d926807bd9bc0af68f9376144de425) C:\Windows\system32\DRIVERS\SynTP.sys
18:46:29.0309 4236 SynTP - ok
18:46:29.0383 4236 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
18:46:29.0443 4236 Tcpip - ok
18:46:29.0506 4236 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
18:46:29.0543 4236 Tcpip6 - ok
18:46:29.0598 4236 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
18:46:29.0609 4236 tcpipreg - ok
18:46:29.0641 4236 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:46:29.0664 4236 TDPIPE - ok
18:46:29.0690 4236 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:46:29.0714 4236 TDTCP - ok
18:46:29.0752 4236 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
18:46:29.0772 4236 tdx - ok
18:46:29.0821 4236 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
18:46:29.0832 4236 TermDD - ok
18:46:29.0862 4236 TFilter - ok
18:46:29.0898 4236 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:46:29.0921 4236 tssecsrv - ok
18:46:29.0942 4236 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
18:46:29.0962 4236 tunnel - ok
18:46:29.0978 4236 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
18:46:29.0987 4236 uagp35 - ok
18:46:30.0040 4236 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
18:46:30.0060 4236 udfs - ok
18:46:30.0099 4236 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
18:46:30.0108 4236 uliagpkx - ok
18:46:30.0127 4236 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
18:46:30.0139 4236 uliahci - ok
18:46:30.0157 4236 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:46:30.0166 4236 UlSata - ok
18:46:30.0181 4236 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:46:30.0191 4236 ulsata2 - ok
18:46:30.0213 4236 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:46:30.0237 4236 umbus - ok
18:46:30.0314 4236 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
18:46:30.0332 4236 usbaudio - ok
18:46:30.0379 4236 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
18:46:30.0398 4236 usbccgp - ok
18:46:30.0420 4236 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:46:30.0462 4236 usbcir - ok
18:46:30.0492 4236 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
18:46:30.0511 4236 usbehci - ok
18:46:30.0538 4236 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
18:46:30.0558 4236 usbhub - ok
18:46:30.0576 4236 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
18:46:30.0599 4236 usbohci - ok
18:46:30.0632 4236 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
18:46:30.0654 4236 usbprint - ok
18:46:30.0688 4236 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
18:46:30.0707 4236 usbscan - ok
18:46:30.0755 4236 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:46:30.0774 4236 USBSTOR - ok
18:46:30.0795 4236 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
18:46:30.0813 4236 usbuhci - ok
18:46:30.0840 4236 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
18:46:30.0864 4236 usbvideo - ok
18:46:30.0913 4236 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys
18:46:30.0932 4236 usb_rndisx - ok
18:46:30.0972 4236 vfs101x (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys
18:46:30.0980 4236 vfs101x - ok
18:46:31.0008 4236 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
18:46:31.0033 4236 vga - ok
18:46:31.0051 4236 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
18:46:31.0075 4236 VgaSave - ok
18:46:31.0098 4236 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
18:46:31.0107 4236 viaagp - ok
18:46:31.0126 4236 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
18:46:31.0149 4236 ViaC7 - ok
18:46:31.0164 4236 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
18:46:31.0173 4236 viaide - ok
18:46:31.0196 4236 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
18:46:31.0205 4236 volmgr - ok
18:46:31.0253 4236 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
18:46:31.0268 4236 volmgrx - ok
18:46:31.0320 4236 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
18:46:31.0333 4236 volsnap - ok
18:46:31.0356 4236 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
18:46:31.0366 4236 vsmraid - ok
18:46:31.0404 4236 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
18:46:31.0446 4236 WacomPen - ok
18:46:31.0467 4236 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:46:31.0486 4236 Wanarp - ok
18:46:31.0490 4236 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:46:31.0511 4236 Wanarpv6 - ok
18:46:31.0557 4236 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
18:46:31.0565 4236 Wd - ok
18:46:31.0612 4236 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:46:31.0636 4236 Wdf01000 - ok
18:46:31.0706 4236 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
18:46:31.0741 4236 winachsf - ok
18:46:31.0809 4236 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:46:31.0827 4236 WmiAcpi - ok
18:46:31.0896 4236 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
18:46:31.0927 4236 WpdUsb - ok
18:46:31.0977 4236 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
18:46:32.0001 4236 ws2ifsl - ok
18:46:32.0041 4236 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:46:32.0066 4236 WUDFRd - ok
18:46:32.0119 4236 ZTEusbmdm6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
18:46:32.0130 4236 ZTEusbmdm6k - ok
18:46:32.0163 4236 ZTEusbnmea (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
18:46:32.0174 4236 ZTEusbnmea - ok
18:46:32.0196 4236 ZTEusbser6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
18:46:32.0206 4236 ZTEusbser6k - ok
18:46:32.0236 4236 MBR (0x1B8) (85d751f0e41b8e520aee8c07a8da777b) \Device\Harddisk0\DR0
18:46:32.0351 4236 \Device\Harddisk0\DR0 - ok
18:46:32.0355 4236 Boot (0x1200) (89199f450d511502f8b4dba060891121) \Device\Harddisk0\DR0\Partition0
18:46:32.0356 4236 \Device\Harddisk0\DR0\Partition0 - ok
18:46:32.0363 4236 Boot (0x1200) (f51057e91fde6ede19e01032a8ca742b) \Device\Harddisk0\DR0\Partition1
18:46:32.0365 4236 \Device\Harddisk0\DR0\Partition1 - ok
18:46:32.0365 4236 ============================================================
18:46:32.0365 4236 Scan finished
18:46:32.0365 4236 ============================================================
18:46:32.0377 5868 Detected object count: 5
18:46:32.0377 5868 Actual detected object count: 5
18:46:35.0211 5868 DfuUsb ( UnsignedFile.Multi.Generic ) - skipped by user
18:46:35.0211 5868 DfuUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:46:35.0213 5868 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
18:46:35.0213 5868 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:46:35.0214 5868 mdf15 ( UnsignedFile.Multi.Generic ) - skipped by user
18:46:35.0214 5868 mdf15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:46:35.0216 5868 mvd17 ( UnsignedFile.Multi.Generic ) - skipped by user
18:46:35.0216 5868 mvd17 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:46:35.0218 5868 RVIEG01 ( UnsignedFile.Multi.Generic ) - skipped by user
18:46:35.0218 5868 RVIEG01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
[/log]

It only found threats once I ticked the additional options.
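Added example, not part of the original posts and not TDSSKiller's own code: a small triage parser for a log in the layout shown above. It pairs each scanned object with its verdict and the user's action, so the few non-"ok" entries stand out from the noise. The sample lines, driver names, hashes and the "outside the driver directory" heuristic are constructed assumptions.

```python
import re

# Constructed sample in the layout of the log above (names, hashes, paths are made up).
SAMPLE_LOG = r"""
18:46:27.0609 4236 gooddrv (00000000000000000000000000000001) C:\Windows\system32\DRIVERS\gooddrv.sys
18:46:27.0630 4236 gooddrv - ok
18:46:27.0684 4236 vendordrv (00000000000000000000000000000002) C:\Program Files\Vendor\vendordrv.sys
18:46:27.0692 4236 vendordrv ( UnsignedFile.Multi.Generic ) - warning
18:46:27.0692 4236 vendordrv - detected UnsignedFile.Multi.Generic (1)
18:46:27.0741 4236 nofile - ok
18:46:32.0236 4236 MBR (0x1B8) (00000000000000000000000000000003) \Device\Harddisk0\DR0
18:46:32.0351 4236 \Device\Harddisk0\DR0 - ok
18:46:35.0218 5868 vendordrv ( UnsignedFile.Multi.Generic ) - skipped by user
18:46:35.0218 5868 vendordrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

_PREFIX = r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+"          # timestamp + thread id
# "<name> (<md5>) <path>"; the name may itself contain "(0x1B8)" as in the MBR line
OBJECT_RE = re.compile(_PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+)$")
# "<name> - ok" or "<name> ( <detection> ) - warning"
VERDICT_RE = re.compile(
    _PREFIX + r"(?P<key>.+?)(?:\s+\(\s*(?P<det>[^()]+?)\s*\))?\s+-\s+(?P<verdict>ok|warning)$")
# "<name> ( <detection> ) - User select action: Skip"
ACTION_RE = re.compile(
    _PREFIX + r"(?P<key>.+?)\s+\(\s*[^()]+?\s*\)\s+-\s+User select action:\s+(?P<action>\w+)$")

# Assumption for this example: stock drivers live under this directory.
DRIVER_DIR = "\\windows\\system32\\drivers\\"


def _new(name):
    return {"name": name, "md5": None, "path": None,
            "verdict": None, "detection": None, "action": None}


def parse_log(text):
    """Return {object name: record} built from object, verdict and action lines."""
    records, by_path = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        m = OBJECT_RE.match(line)
        if m:
            rec = records.setdefault(m["name"], _new(m["name"]))
            rec["md5"], rec["path"] = m["md5"], m["path"]
            by_path[m["path"]] = rec
            continue
        m = ACTION_RE.match(line)
        if m:
            records.setdefault(m["key"], _new(m["key"]))["action"] = m["action"]
            continue
        m = VERDICT_RE.match(line)
        if m:
            key = m["key"]
            # MBR/boot-sector verdicts are keyed by device path, not by name.
            rec = records.get(key) or by_path.get(key)
            if rec is None:                      # service entry with no file line
                rec = records[key] = _new(key)
            rec["verdict"], rec["detection"] = m["verdict"], m["det"]
    return records


def triage(records):
    """List every object whose verdict is not 'ok', with context for review."""
    findings = []
    for rec in records.values():
        if rec["verdict"] in (None, "ok"):
            continue
        path = rec["path"] or ""
        findings.append({
            "name": rec["name"],
            "detection": rec["detection"],
            "md5": rec["md5"],
            "path": path,
            # A hint for manual review, not a verdict on its own.
            "outside_driver_dir": DRIVER_DIR not in path.lower(),
            "action": rec["action"],
        })
    return findings


def without_file(records):
    """Names that received a verdict but never had a file/hash line."""
    return sorted(n for n, r in records.items() if r["path"] is None)


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    for f in triage(recs):
        print(f)
    print("no file line:", without_file(recs))
```
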

Guest
comment

Overwrite the MBR by running MBRcheck - step-by-step instructions here: [url="http://www.fixitpc.pl/topic/8-dezynfekcja-zbior-narzedzi-usuwajacych/"]http://www.fixitpc.pl/topic/8-dezynfekcja-zbior-narzedzi-usuwajacych/[/url]

Perfer
comment

Log after performing the overwrite:
[log]MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Compal
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv7 Notebook PC
Logical Drives Mask: 0x0000005c

Kernel Drivers (total 215):
0x82646000 \SystemRoot\system32\ntkrnlpa.exe
0x82613000 \SystemRoot\system32\hal.dll
0x80401000 \SystemRoot\system32\kdcom.dll
0x80408000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80478000 \SystemRoot\system32\PSHED.dll
0x80489000 \SystemRoot\system32\BOOTVID.dll
0x80491000 \SystemRoot\system32\CLFS.SYS
0x804D2000 \SystemRoot\system32\CI.dll
0x8060D000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8067E000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8068C000 \SystemRoot\system32\drivers\acpi.sys
0x806D2000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806DB000 \SystemRoot\system32\drivers\msisadrv.sys
0x806E3000 \SystemRoot\system32\drivers\pci.sys
0x8070A000 \SystemRoot\system32\drivers\isapnp.sys
0x80719000 \SystemRoot\system32\drivers\mpio.sys
0x80735000 \SystemRoot\System32\drivers\partmgr.sys
0x80744000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x80747000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x80751000 \SystemRoot\system32\drivers\volmgr.sys
0x80760000 \SystemRoot\System32\drivers\volmgrx.sys
0x807AA000 \SystemRoot\system32\drivers\intelide.sys
0x807B1000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x807BF000 \SystemRoot\system32\drivers\pciide.sys
0x807C6000 \SystemRoot\system32\drivers\aliide.sys
0x807CD000 \SystemRoot\system32\drivers\amdide.sys
0x807D4000 \SystemRoot\system32\drivers\cmdide.sys
0x807DC000 \SystemRoot\System32\drivers\mountmgr.sys
0x805B2000 \SystemRoot\system32\drivers\msdsm.sys
0x805CC000 \SystemRoot\system32\drivers\nvraid.sys
0x8AC02000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8AC23000 \SystemRoot\system32\drivers\viaide.sys
0x8AC2B000 \SystemRoot\system32\drivers\iastorv.sys
0x8ACCC000 \SystemRoot\system32\drivers\atapi.sys
0x8ACD4000 \SystemRoot\system32\drivers\ataport.SYS
0x8ACF2000 \SystemRoot\system32\drivers\lsi_scsi.sys
0x8AD0C000 \SystemRoot\system32\drivers\storport.sys
0x8AD4D000 \SystemRoot\system32\drivers\nvstor.sys
0x8AD5A000 \SystemRoot\system32\drivers\msahci.sys
0x8AD64000 \SystemRoot\system32\drivers\hpcisss.sys
0x8AD6F000 \SystemRoot\system32\drivers\adp94xx.sys
0x8AE01000 \SystemRoot\system32\drivers\adpahci.sys
0x8AE4D000 \SystemRoot\system32\drivers\adpu160m.sys
0x8AE68000 \SystemRoot\system32\drivers\SCSIPORT.SYS
0x8AE8E000 \SystemRoot\system32\drivers\adpu320.sys
0x8AEB4000 \SystemRoot\system32\drivers\djsvs.sys
0x8AEC8000 \SystemRoot\system32\drivers\arc.sys
0x8AEDE000 \SystemRoot\system32\drivers\arcsas.sys
0x8AEF4000 \SystemRoot\system32\drivers\elxstor.sys
0x8AF88000 \SystemRoot\system32\drivers\i2omp.sys
0x8AF92000 \SystemRoot\system32\drivers\iirsp.sys
0x8AFA2000 \SystemRoot\system32\drivers\iteatapi.sys
0x8AFAE000 \SystemRoot\system32\drivers\iteraid.sys
0x8AFBA000 \SystemRoot\system32\drivers\lsi_fc.sys
0x8AFD4000 \SystemRoot\system32\drivers\lsi_sas.sys
0x8AFEC000 \SystemRoot\system32\drivers\megasas.sys
0x8B00D000 \SystemRoot\system32\drivers\megasr.sys
0x8B0C4000 \SystemRoot\system32\drivers\mraid35x.sys
0x8B0CF000 \SystemRoot\system32\drivers\nfrd960.sys
0x8B200000 \SystemRoot\system32\drivers\ql2300.sys
0x8B338000 \SystemRoot\system32\drivers\ql40xx.sys
0x8B38D000 \SystemRoot\system32\drivers\sisraid2.sys
0x8B39A000 \SystemRoot\system32\drivers\sisraid4.sys
0x8B3AF000 \SystemRoot\system32\drivers\symc8xx.sys
0x8B3BB000 \SystemRoot\system32\drivers\sym_hi.sys
0x8B3C6000 \SystemRoot\system32\drivers\sym_u3.sys
0x8B0DD000 \SystemRoot\system32\drivers\uliahci.sys
0x8B3D1000 \SystemRoot\system32\drivers\ulsata.sys
0x8B119000 \SystemRoot\system32\drivers\ulsata2.sys
0x8B145000 \SystemRoot\system32\drivers\vsmraid.sys
0x8B166000 \SystemRoot\system32\drivers\fltmgr.sys
0x8B198000 \SystemRoot\system32\drivers\fileinfo.sys
0x8B40F000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8B480000 \SystemRoot\system32\drivers\ndis.sys
0x8B58B000 \SystemRoot\system32\drivers\msrpc.sys
0x8B5B6000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B60B000 \SystemRoot\System32\drivers\tcpip.sys
0x8B6F5000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B80A000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B91A000 \SystemRoot\system32\drivers\wd.sys
0x8B922000 \SystemRoot\system32\drivers\volsnap.sys
0x8B95B000 \SystemRoot\System32\Drivers\spldr.sys
0x8B963000 \SystemRoot\system32\drivers\sbp2port.sys
0x8B978000 \SystemRoot\System32\Drivers\mup.sys
0x8B987000 \SystemRoot\System32\drivers\ecache.sys
0x8B9AE000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x8B9B7000 \SystemRoot\system32\drivers\disk.sys
0x8B9C8000 \SystemRoot\system32\drivers\crcdisk.sys
0x8B9F3000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8B710000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8B800000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8F605000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x8FFEB000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x8B71F000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8FFED000 \SystemRoot\System32\drivers\watchdog.sys
0x8B7C0000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8B1A8000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8B7CB000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x90606000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x9080F000 \SystemRoot\system32\DRIVERS\NETw5v32.sys
0x90B98000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
0x90BBA000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x90BCA000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x90BD8000 \SystemRoot\system32\DRIVERS\jmcr.sys
0x90693000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x90BEF000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x90BF4000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x906A6000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x90800000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x90802000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x906D6000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x906EE000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x906F4000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x906FF000 \SystemRoot\system32\DRIVERS\enecir.sys
0x90717000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x90720000 \SystemRoot\system32\DRIVERS\Epfwndis.sys
0x9072B000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x9075A000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x90765000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x9077C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x90787000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x907AA000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x907B9000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x907CD000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x907E2000 \SystemRoot\system32\DRIVERS\termdd.sys
0x9080D000 \SystemRoot\system32\DRIVERS\swenum.sys
0x90E09000 \SystemRoot\system32\DRIVERS\ks.sys
0x90E33000 \SystemRoot\system32\DRIVERS\circlass.sys
0x90E41000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x90E4B000 \SystemRoot\system32\DRIVERS\umbus.sys
0x90E58000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x90E8D000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x90E9E000 \SystemRoot\system32\DRIVERS\stwrt.sys
0x90F00000 \SystemRoot\system32\DRIVERS\portcls.sys
0x90F2D000 \SystemRoot\system32\DRIVERS\drmk.sys
0x90F52000 \SystemRoot\system32\drivers\nvhda32v.sys
0x90F77000 \SystemRoot\system32\DRIVERS\hidir.sys
0x90F82000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x90F92000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x90F99000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x90FA2000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x90FAA000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x90FB3000 \SystemRoot\System32\Drivers\Null.SYS
0x90FBA000 \SystemRoot\System32\Drivers\Beep.SYS
0x90FC1000 \SystemRoot\system32\DRIVERS\ehdrv.sys
0x90FE0000 \SystemRoot\System32\drivers\vga.sys
0x8B7DA000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x90FEC000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x90FF4000 \SystemRoot\system32\drivers\rdpencdd.sys
0x907F2000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8B5F1000 \SystemRoot\System32\Drivers\Npfs.SYS
0x90E00000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8B1E6000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8ADD9000 \SystemRoot\system32\DRIVERS\smb.sys
0x91606000 \SystemRoot\system32\drivers\afd.sys
0x9164E000 \SystemRoot\System32\DRIVERS\netbt.sys
0x91680000 \SystemRoot\system32\DRIVERS\pacer.sys
0x91696000 \SystemRoot\system32\DRIVERS\netbios.sys
0x916A4000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x916B7000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x916F3000 \SystemRoot\system32\drivers\nsiproxy.sys
0x916FD000 \??\C:\Program Files\Clarus\Samsung SecretZone\mvd17.sys
0x9170C000 \??\C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys
0x91715000 \SystemRoot\System32\Drivers\dfsc.sys
0x9172C000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x91739000 \SystemRoot\System32\Drivers\bthport.sys
0x917B9000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x917D0000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x92C0A000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x92C33000 \SystemRoot\system32\DRIVERS\BthEnum.sys
0x92C3D000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x92C57000 \SystemRoot\system32\DRIVERS\bthmodem.sys
0x92C66000 \SystemRoot\system32\drivers\modem.sys
0x92C73000 \SystemRoot\system32\drivers\btwavdt.sys
0x92CDE000 \SystemRoot\system32\drivers\btwaudio.sys
0x92D5E000 \SystemRoot\system32\DRIVERS\btwrchid.sys
0x92D61000 \SystemRoot\system32\drivers\vfs101x.sys
0x92D6E000 \SystemRoot\System32\Drivers\usbvideo.sys
0x92D8F000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x92DA5000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x92DBA000 \SystemRoot\System32\Drivers\crashdmp.sys
0x92DC7000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x92DD2000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x9B490000 \SystemRoot\System32\win32k.sys
0x92DDC000 \SystemRoot\System32\drivers\Dxapi.sys
0x92DE6000 \SystemRoot\system32\DRIVERS\monitor.sys
0x9B6B0000 \SystemRoot\System32\TSDDD.dll
0x9B6D0000 \SystemRoot\System32\cdd.dll
0x917D9000 \SystemRoot\system32\drivers\luafv.sys
0x9F40F000 \SystemRoot\system32\DRIVERS\eamonm.sys
0x9F4B5000 \SystemRoot\system32\DRIVERS\epfw.sys
0x9F4D7000 \SystemRoot\system32\drivers\spsys.sys
0x9F587000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9F597000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9F5C1000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9F5CB000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA220B000 \SystemRoot\system32\drivers\HTTP.sys
0xA2278000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA2295000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA22AE000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA22C3000 \SystemRoot\system32\drivers\mrxdav.sys
0xA22E4000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA2303000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA233C000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA2354000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA237B000 \SystemRoot\System32\DRIVERS\srv.sys
0xA23E1000 \SystemRoot\system32\DRIVERS\epfwwfp.sys
0xA5203000 \SystemRoot\system32\drivers\peauth.sys
0xA52E1000 \??\C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys
0xA5309000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA5313000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA531F000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xA5334000 \SystemRoot\system32\DRIVERS\WUDFPf.sys
0xA5346000 \??\C:\Windows\system32\FsUsbExDisk.SYS
0x77440000 \Windows\System32\ntdll.dll

Processes (total 101):
0 System Idle Process
4 SYSTEM
468 C:\Windows\System32\smss.exe
620 csrss.exe
672 C:\Windows\System32\wininit.exe
684 csrss.exe
716 C:\Windows\System32\services.exe
728 C:\Windows\System32\lsass.exe
736 C:\Windows\System32\lsm.exe
896 C:\Windows\System32\svchost.exe
940 C:\Windows\System32\nvvsvc.exe
972 C:\Windows\System32\svchost.exe
1012 C:\Windows\System32\winlogon.exe
1108 C:\Windows\System32\svchost.exe
1132 C:\Windows\System32\svchost.exe
1144 C:\Windows\System32\svchost.exe
1176 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe
1244 C:\Windows\System32\audiodg.exe
1356 C:\Windows\System32\svchost.exe
1392 C:\Windows\System32\SLsvc.exe
1416 C:\Windows\System32\svchost.exe
1528 C:\Windows\System32\hpservice.exe
1564 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1576 C:\Windows\System32\nvvsvc.exe
1728 C:\Windows\System32\vfsFPService.exe
1800 C:\Windows\System32\svchost.exe
2004 C:\Windows\System32\taskeng.exe
2012 C:\Windows\System32\spoolsv.exe
2036 C:\Program Files\DigitalPersona\Bin\DpHostW.exe
480 C:\Windows\System32\svchost.exe
1740 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
2064 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe
2096 C:\Windows\System32\svchost.exe
2116 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2152 C:\Program Files\Bonjour\mDNSResponder.exe
2168 C:\Windows\System32\svchost.exe
2192 C:\Program Files\ESET\ESET Smart Security\ekrn.exe
2300 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
2312 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
2332 C:\Windows\System32\FsUsbExService.Exe
2360 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
2392 C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
2464 C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
2508 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
2548 C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2584 C:\Windows\System32\PnkBstrA.exe
2612 C:\Windows\System32\svchost.exe
2632 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
2644 C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2668 C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
2684 C:\Windows\SMINST\BLService.exe
2716 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2752 C:\Windows\System32\svchost.exe
2800 C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe
2828 C:\Windows\System32\svchost.exe
2868 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
2908 C:\Windows\System32\SearchIndexer.exe
3280 WUDFHost.exe
3440 C:\Windows\System32\dwm.exe
3464 C:\Windows\explorer.exe
3668 C:\Windows\servicing\TrustedInstaller.exe
3704 C:\Windows\System32\taskeng.exe
3852 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
1312 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
3460 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3592 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
3716 C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
1516 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
712 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
3844 C:\Program Files\DigitalPersona\Bin\DpAgent.exe
1540 C:\Program Files\Netia\Mobilny Internet\UIExec.exe
3392 C:\Program Files\blueconnect\DataCardMonitor.exe
3480 C:\Program Files\ESET\ESET Smart Security\egui.exe
3420 C:\Program Files\Common Files\Java\Java Update\jusched.exe
1556 C:\Program Files\Common Files\Corel\Standby\Standby.exe
1684 C:\Program Files\iTunes\iTunesHelper.exe
4068 C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
1268 C:\Windows\ehome\ehtray.exe
868 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
1444 C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEFE.EXE
3360 C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
3104 C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
4024 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
2400 C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
392 C:\Program Files\Windows Media Player\wmpnscfg.exe
624 C:\Windows\ehome\ehmsas.exe
2412 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
3432 C:\Program Files\Windows Media Player\wmpnetwk.exe
2788 WmiPrvSE.exe
2404 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
4192 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
4412 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4512 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
4868 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
4908 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
4972 C:\Program Files\iPod\bin\iPodService.exe
5276 C:\Windows\System32\conime.exe
5444 C:\Windows\System32\SearchProtocolHost.exe
5484 C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
5504 C:\Windows\System32\SearchFilterHost.exe
3600 C:\Users\KAROL\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000048`85400000 (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-60ZCT0, Rev: 12.01A12

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 08F21ADD893776C287CC68A3558F8D095B50ED3C


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done![/log]

It still says unknown MBR code detected. I guess it didn't work. :/

Guest
comment

Download ComboFix: [url="http://www.fixitpc.pl/topic/7-dezynfekcja-narzedzie-combofix/"]http://www.fixitpc.pl/topic/7-dezynfekcja-narzedzie-combofix/[/url]
Boot into Windows Safe Mode and try to run ComboFix. If it works, post the report.

wirusolog
comment

The MBRCheck detection is a minor thing, and it is not a rootkit!

[quote]
System Product Name: HP Pavilion dv7 Notebook PC
[/quote]
The author has a laptop with a Recovery partition from which MBRCheck cannot read information. That is why MBRCheck labels it as "Unknown MBR code".

Perfer
comment

ComboFix log
[log]ComboFix 11-09-30.03 - KAROL 2011-09-30 16:14:26.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.48.1045.18.3068.2560 [GMT 2:00]
Uruchomiony z: c:\users\KAROL\Desktop\memtest\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: Zapora osobista *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\google\common\google updater\googleupdaterservice.exe
c:\users\KAROL\AppData\Local\unins000.exe
c:\users\Public\nowegg.exe
c:\windows\DPINST.LOG
c:\windows\IsUn0415.exe
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-08-28 do 2011-09-30 )))))))))))))))))))))))))))))))
.
.
2011-09-30 14:26 . 2011-09-30 14:50 -------- d-----w- c:\users\KAROL\AppData\Local\temp
2011-09-30 14:26 . 2011-09-30 14:26 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-09-30 14:26 . 2011-09-30 14:26 -------- d-----w- c:\users\UpdatusUser(412)\AppData\Local\temp
2011-09-30 14:26 . 2011-09-30 14:26 -------- d-----w- c:\users\Paweł\AppData\Local\temp
2011-09-30 14:26 . 2011-09-30 14:26 -------- d-----w- c:\users\Gość\AppData\Local\temp
2011-09-30 14:26 . 2011-09-30 14:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-29 12:42 . 2011-09-30 14:49 -------- d-----w- c:\users\KAROL\AppData\Local\Htc
2011-09-29 12:40 . 2011-09-29 12:42 -------- d-----w- c:\users\KAROL\AppData\Roaming\HTC
2011-09-29 12:35 . 2011-09-29 12:35 -------- d-----w- c:\program files\Spirent Communications
2011-09-29 12:33 . 2011-09-29 12:40 -------- d-----w- c:\program files\HTC
2011-09-28 12:33 . 2011-09-28 12:36 -------- d-----w- C:\symbols
2011-09-24 19:06 . 2011-09-24 19:06 -------- d-----w- c:\program files\VASSAL
2011-09-23 11:57 . 2011-09-23 11:57 -------- dc-h--w- c:\programdata\{DCC412E7-393B-4016-91FB-9307F059AFB6}
2011-09-22 20:09 . 2011-09-22 20:09 -------- dc-h--w- c:\programdata\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
2011-09-22 19:57 . 2011-09-22 19:57 -------- dc-h--w- c:\programdata\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
2011-09-22 14:12 . 2011-09-22 14:12 -------- d-----w- c:\users\KAROL\AppData\Roaming\Malwarebytes
2011-09-22 14:12 . 2011-09-22 14:12 -------- d-----w- c:\programdata\Malwarebytes
2011-09-22 14:12 . 2011-09-22 14:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-22 14:12 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-22 12:14 . 2011-08-03 11:50 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-09-22 12:14 . 2011-08-03 11:50 599144 ----a-w- c:\windows\system32\nvvsvc.exe
2011-09-22 12:14 . 2011-08-03 11:50 309352 ----a-w- c:\windows\system32\nvhotkey.dll
2011-09-22 12:14 . 2011-08-03 11:50 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-09-22 12:14 . 2011-08-03 11:50 2558568 ----a-w- c:\windows\system32\nvsvc.dll
2011-09-22 12:14 . 2011-08-03 11:50 3730024 ----a-w- c:\windows\system32\nvcpl.dll
2011-09-22 12:14 . 2011-08-03 11:50 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-09-22 12:14 . 2011-08-03 11:50 600680 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-09-22 12:11 . 2011-08-03 11:50 6613096 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-09-22 12:11 . 2011-08-03 11:50 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-09-22 12:11 . 2011-08-03 11:50 16595560 ----a-w- c:\windows\system32\nvoglv32.dll
2011-09-22 12:11 . 2011-08-03 11:50 914024 ----a-w- c:\windows\system32\nvdispco32.dll
2011-09-22 12:11 . 2011-08-03 11:50 875112 ----a-w- c:\windows\system32\nvgenco32.dll
2011-09-22 12:11 . 2011-08-03 11:50 5404776 ----a-w- c:\windows\system32\nvcuda.dll
2011-09-22 12:11 . 2011-08-03 11:50 2391656 ----a-w- c:\windows\system32\nvcuvid.dll
2011-09-22 12:11 . 2011-08-03 11:50 2090088 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-09-22 12:11 . 2011-08-03 11:50 17193576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-09-22 12:11 . 2011-08-03 11:50 10304104 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-09-22 11:51 . 2011-09-22 11:51 -------- d-----w- c:\program files\Microsoft Windows Performance Toolkit
2011-09-22 11:50 . 2011-09-28 12:44 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2011-09-22 11:50 . 2011-09-22 11:50 -------- d-----w- c:\program files\Application Verifier
2011-09-22 11:27 . 2011-09-22 20:14 -------- dc-h--w- c:\programdata\{A07F7F49-03B9-4B8B-A266-07563B0278A6}
2011-09-21 21:33 . 2011-09-21 21:33 -------- d-----w- c:\users\KAROL\{72f8c2ce-4d47-4424-a8c9-0fa117485c4b}
2011-09-21 15:13 . 2011-09-21 15:13 -------- d-----w- c:\users\KAROL\{06df778f-f510-48fd-ac57-0ce755d06ae7}
2011-09-21 15:01 . 2011-09-21 15:01 -------- d-----w- c:\users\KAROL\{664d8a28-393c-4ae0-8096-bfa55d4f3dca}
2011-09-21 14:44 . 2011-09-21 14:44 -------- d-----w- c:\users\KAROL\{be498c9c-a804-4c58-8f3e-fb7bffd0eada}
2011-09-21 14:39 . 2011-09-21 15:34 -------- d-----w- c:\users\UpdatusUser(332)
2011-09-21 14:09 . 2011-09-21 14:09 -------- d-----w- c:\users\KAROL\{6b8dd61f-ed0e-4414-b95a-16d4a4a7011d}
2011-09-21 14:02 . 2011-09-21 14:02 -------- d-----w- c:\users\KAROL\{d25a5af4-715e-4d0d-a31a-5bee1578b5b5}
2011-09-07 17:57 . 2011-09-07 17:57 -------- d-----w- c:\users\Paweł\AppData\Local\Apple Computer
2011-09-07 11:35 . 2011-09-07 11:35 -------- d-----w- c:\users\Gość\AppData\Roaming\Apple Computer
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-28 14:33 . 2011-05-19 09:33 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-03 11:50 . 2008-05-14 02:09 2412136 ----a-w- c:\windows\system32\nvapi.dll
2011-08-03 11:50 . 2008-05-14 02:09 12636776 ----a-w- c:\windows\system32\nvd3dum.dll
2011-07-25 10:17 . 2011-03-17 20:22 3766 --sha-w- c:\programdata\KGyGaAvL.sys
2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-17 15:20 . 2011-05-01 09:30 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-25 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2010-07-28 526992]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-09-29 842816]
"UIExec"="c:\program files\Netia\Mobilny Internet\UIExec.exe" [2010-03-02 138072]
"DataCardMonitor"="c:\program files\blueconnect\DataCardMonitor.exe" [2010-11-11 253952]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-08-12 2215064]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Standby"="c:\program files\Common Files\Corel\Standby\Standby.exe" [2010-07-26 105632]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-08-22 593920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 727592]
PHOTOfunSTUDIO 5.0.lnk - c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [2011-3-27 172544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3384155157-3980012862-2537522586-1000]
"EnableNotificationsRef"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9e1f418dd0ea0;Usługa Google Update (gupdate1c9e1f418dd0ea0);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-31 133104]
R3 DfuUsb;DfuUsb;c:\windows\system32\DRIVERS\DFUUsb.sys [2007-11-08 10880]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Usługa Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-31 133104]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 MailScan;MailScan;c:\progra~1\AVANQU~1\SYSTEM~1\MailScan.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-01-18 9216]
R3 rig3avs;Rig Kontrol 3 WDM Audio;c:\windows\system32\Drivers\rig3avs.sys [2011-04-11 346192]
R3 rig3usb;rig3usb;c:\windows\system32\Drivers\rig3usb.sys [2011-04-11 95312]
R3 rig3usb_svc;Rig Kontrol 3;c:\windows\system32\Drivers\rig3usb.sys [2011-04-11 95312]
R3 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys [2007-10-24 23288]
R3 TFilter;TFilter;c:\progra~1\AVANQU~1\SYSTEM~1\TFilter.sys [x]
R3 WiselinkPro;SAMSUNG WiselinkPro Service;c:\program files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2009-01-08 4136960]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-22 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 mdf15;mdf15;c:\program files\Clarus\Samsung SecretZone\mdf15.sys [2008-12-21 12800]
S1 mvd17;mvd17;c:\program files\Clarus\Samsung SecretZone\mvd17.sys [2007-03-19 60288]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-11-05 238952]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-08-07 24880]
S2 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [2008-12-31 102400]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-04-07 3857408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-25 361808]
S2 UI Assistant Service;UI Assistant Service;c:\program files\Netia\Mobilny Internet\AssistantServices.exe [2010-03-02 247152]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-04-27 599344]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-11-02 36608]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-07-08 96856]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
S3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-04-27 40752]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 13:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-31 13:31]
.
2011-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-31 13:31]
.
2011-09-21 c:\windows\Tasks\HPCeeScheduleForKAROL.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-08-25 13:14]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://tvn24-stream.onet.pl/nazywo.html
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: &Wyszukiwarka na pasku narzędzi AOL - c:\programdata\AOL\ieToolbar\resources\pl-PL\local\search.html
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Wyślij obraz do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyślij stronę do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\KAROL\AppData\Roaming\Mozilla\Firefox\Profiles\z415x1dc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.ing.pl/u235/navi/35
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.type - 0
.
.
------- Skojarzenia plików -------
.
.scr=MicroStation Resource
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
WebBrowser-{A84C785A-0796-4BED-9BC3-EFB6C4F12602} - (no file)
HKCU-Run-Twoje TVN24 - (no file)
HKLM-Run-NPSStartup - (no file)
HKLM-Run-Corel Graphics Suite 1117 - c:\program files\Corel\Corel Graphics 11\Register\registration.exe
HKLM-Run-Corel File Shell Monitor - c:\program files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
AddRemove-BattlesInNormandyv101 - c:\windows\iun6002.exe
AddRemove-Native Instruments Rig Kontrol 3 Driver - c:\programdata\{EC98E512-708C-4C3B-9F07-B58768C1DD8A}\Rig Kontrol 3 Driver Setup.exe
AddRemove-Próba Czasu - c:\windows\IsUn0415.exe
AddRemove-_{53A908D4-99C6-469B-BC13-F4189F260742} - c:\program files\Corel\Corel Painter Essentials 4\MSILauncher {53A908D4-99C6-469B-BC13-F4189F260742}
AddRemove-_{9C9078D1-FA30-4E1B-A194-983A4898F848} - c:\program files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Languages\PL\Moduły dodatkowe\KPT\Uninst.exe
AddRemove-{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1 - c:\users\KAROL\AppData\Local\unins000.exe
AddRemove-DealAssistant - c:\users\KAROL\AppData\Roaming\DealAssistant\DAUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-30 16:49
Windows 6.0.6002 Service Pack 2 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DataCardMonitor = c:\program files\blueconnect\DataCardMonitor.exe??????????????????????????y????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1e,69,01,f9,42,b0,2a,43,92,08,b5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1e,69,01,f9,42,b0,2a,43,92,08,b5,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'Explorer.exe'(5272)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btmmhook.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
c:\windows\system32\btncopy.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40ST7.EXE
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\WUDFHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
c:\windows\ehome\ehmsas.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Czas ukończenia: 2011-09-30 16:56:14 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2011-09-30 14:55
.
Przed: 60 305 010 688 bajtów wolnych
Po: 64 583 925 760 bajtów wolnych
.
- - End Of File - - 6DD25CE3553D9E1D07E3383C48954423

[/log]

Guest
comment (edited)

[b]1.[/b] Uninstall ComboFix. There is no rootkit here.

[b]Start > Run[/b] and paste the following command:

[b]"c:\users\KAROL\Desktop\memtest\ComboFix.exe" /uninstall[/b]

[b]2.[/b] The problem here is the USB drivers.
Start > Run > services.msc
Check the list for this service:
[php]SRV - [2009-11-05 19:25:42 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)[/php]

If it is there, right-click the service > Properties.

Click [b]Stop[/b] and set the startup type to [b]Disabled[/b].

[b]3.[/b] Uninstall Digital Persona (fingerprint reader). If you don't use it, there is no point in having it running on the system.

Do you use the touchpad?

[b]4.[/b] After completing steps 1-3, run an [b]OTL[/b] scan and post the log.

Perfer
comment

1. ComboFix uninstalled.
2. I did not find that service on the list.
3. The reader is used by my dad (it's his laptop), so I can't uninstall it.
He uses the touchpad very rarely or not at all.

OTL log:
[log]OTL logfile created on: 2011-10-02 11:49:44 - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\KAROL\Desktop\OTL
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 57,71% Memory free
6,19 Gb Paging File | 4,83 Gb Available in Paging File | 77,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,08 Gb Total Space | 62,76 Gb Free Space | 21,64% Space Free | Partition Type: NTFS
Drive D: | 8,01 Gb Total Space | 1,09 Gb Free Space | 13,62% Space Free | Partition Type: NTFS
Drive E: | 613,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: KAROL-PC | User Name: KAROL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-09-22 21:22:57 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\KAROL\Desktop\OTL\OTL.exe
PRC - [2011-08-22 10:01:00 | 000,593,920 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
PRC - [2011-08-12 17:13:26 | 000,087,040 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011-08-03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-08-03 13:50:00 | 000,812,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011-08-03 13:50:00 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-04-07 17:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2010-08-12 15:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010-07-28 03:23:50 | 000,526,992 | ---- | M] (Corel, Inc.) -- C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
PRC - [2010-07-26 23:59:20 | 000,105,632 | ---- | M] (Corel) -- C:\Program Files\Common Files\Corel\Standby\Standby.exe
PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010-03-02 18:10:24 | 000,138,072 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe
PRC - [2010-03-02 18:03:18 | 000,247,152 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe
PRC - [2009-12-02 17:36:16 | 000,172,544 | ---- | M] (Panasonic Corporation) -- C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
PRC - [2009-11-05 19:25:42 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009-09-29 09:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009-09-29 09:52:52 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008-12-31 16:19:56 | 000,102,400 | ---- | M] () -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
PRC - [2008-06-27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe
PRC - [2008-06-27 17:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe
PRC - [2008-06-19 14:17:36 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008-06-19 14:17:36 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008-04-27 23:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008-04-26 01:15:26 | 000,361,808 | ---- | M] () -- C:\Windows\SMINST\BLService.exe
PRC - [2007-12-13 08:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEFE.EXE


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011-08-22 10:01:00 | 001,515,520 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll
MOD - [2011-08-22 10:01:00 | 000,593,920 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
MOD - [2011-08-22 10:01:00 | 000,559,244 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll
MOD - [2011-08-22 10:01:00 | 000,516,599 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll
MOD - [2011-08-22 10:01:00 | 000,389,120 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll
MOD - [2011-08-22 10:01:00 | 000,139,264 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll
MOD - [2011-08-22 10:01:00 | 000,139,264 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll
MOD - [2011-08-22 10:01:00 | 000,094,208 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll
MOD - [2011-03-27 13:11:42 | 000,689,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlServ#\24c6417baba7ca153d53c9977fc5c008\System.Data.SqlServerCe.ni.dll
MOD - [2010-08-24 11:43:06 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\32e6bf88bb0dcdad040abc8ad97cab83\System.EnterpriseServices.ni.dll
MOD - [2010-08-24 11:43:05 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9f38a2b0adadce82d09209811af4043e\System.Transactions.ni.dll
MOD - [2010-08-24 11:43:00 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ca467e23bbfcffac8809b9e21dcbd9a6\System.Configuration.ni.dll
MOD - [2010-08-24 11:37:34 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\88593f5f0fc6de5d5f4a85aa2b1466f3\System.Xml.ni.dll
MOD - [2010-08-24 11:37:09 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d9ab6e29eba6cb0d8459fcbb2c40c1a7\System.Windows.Forms.ni.dll
MOD - [2010-08-24 11:36:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\887fa2d6b76e7302b0c664effad4f91f\System.Drawing.ni.dll
MOD - [2010-08-24 11:36:11 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\cc009a955f4b35c344c2f9aaf453f329\System.Data.ni.dll
MOD - [2010-08-24 11:35:10 | 007,949,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ed6ae2749d12c4729ee43ff339de4bb8\System.ni.dll
MOD - [2010-08-24 11:34:36 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\98bbdd8c400493ad228b8283665cc9da\mscorlib.ni.dll
MOD - [2010-03-02 18:10:24 | 000,138,072 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe
MOD - [2009-09-04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009-03-31 20:05:12 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-03-30 06:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009-03-30 06:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008-06-25 22:34:52 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
MOD - [2008-06-19 14:10:46 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - [2011-09-22 00:39:19 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
SRV - [2011-08-12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011-08-03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-04-07 17:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2010-08-12 15:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-08-12 15:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010-03-02 18:03:18 | 000,247,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe -- (UI Assistant Service)
SRV - [2009-11-05 19:25:42 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009-09-29 09:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009-01-08 09:38:46 | 004,136,960 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (WiselinkPro)
SRV - [2008-12-31 16:19:56 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe -- (MSR Service)
SRV - [2008-12-22 12:52:16 | 000,104,944 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008-06-27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe -- (AESTFilters)
SRV - [2008-06-27 17:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe -- (STacSV)
SRV - [2008-04-27 23:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008-04-26 01:15:26 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-12-17 06:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007-01-11 06:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-08-03 13:50:00 | 010,304,104 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011-05-10 11:41:28 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011-04-11 15:02:31 | 000,346,192 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rig3avs.sys -- (rig3avs)
DRV - [2011-04-11 15:02:31 | 000,095,312 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rig3usb.sys -- (rig3usb_svc)
DRV - [2011-04-11 15:02:31 | 000,095,312 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rig3usb.sys -- (rig3usb)
DRV - [2010-07-29 14:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010-07-29 14:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010-07-29 14:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-07-29 14:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010-07-29 14:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010-06-23 10:23:46 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010-02-22 04:22:16 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-18 12:21:00 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010-01-18 12:21:00 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010-01-18 12:21:00 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2010-01-18 12:20:58 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009-11-02 10:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-06-10 15:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009-03-20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008-12-21 12:04:46 | 000,012,800 | ---- | M] (The One Technology) [Kernel | System | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys -- (mdf15)
DRV - [2008-11-17 16:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008-08-07 15:42:12 | 000,025,392 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008-08-07 15:31:52 | 000,034,608 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008-07-08 12:16:26 | 000,096,856 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008-06-27 17:44:18 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008-05-02 15:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008-04-27 23:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008-01-24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2007-11-08 22:51:54 | 000,010,880 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DFUUsb.sys -- (DfuUsb)
DRV - [2007-10-24 10:47:26 | 000,023,288 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2007-06-18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007-03-19 15:40:34 | 000,060,288 | ---- | M] (The One Technology) [Kernel | System | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mvd17.sys -- (mvd17)
DRV - [2006-11-02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2001-04-13 20:16:38 | 000,187,992 | ---- | M] (Roland) [Kernel | Auto | Running] -- C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys -- (RVIEG01)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://tvn24-stream.onet.pl/nazywo.html
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ing.pl/u235/navi/35"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009-05-31 15:32:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2009-11-11 15:56:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-09-21 22:41:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-09-21 22:56:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-12-24 17:19:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\firefoxext [2009-11-11 15:56:56 | 000,000,000 | ---D | M]

[2010-08-20 18:57:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KAROL\AppData\Roaming\mozilla\Extensions
[2011-09-21 23:55:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KAROL\AppData\Roaming\mozilla\Firefox\Profiles\z415x1dc.default\extensions
[2011-08-31 17:08:30 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\KAROL\AppData\Roaming\mozilla\Firefox\Profiles\z415x1dc.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}(326)
[2010-09-13 11:38:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\KAROL\AppData\Roaming\mozilla\Firefox\Profiles\z415x1dc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-08-23 16:04:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-08-23 16:04:27 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-02-19 18:41:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\KAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z415X1DC.DEFAULT\EXTENSIONS\{195A3098-0BD5-4E90-AE22-BA1C540AFD1E}
[2011-08-17 17:20:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-02-19 18:41:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]


O1 HOSTS File: ([2011-09-30 16:48:52 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\KAROL\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll File not found
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [Standby] C:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [UIExec] C:\Program Files\Netia\Mobilny Internet\UIExec.exe ()
O4 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000..\Run: [EPSON Stylus SX200 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1005..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html ()
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26341FCD-81FE-4D84-8CA0-32FF1A916BAF}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{735E993C-5694-41FE-AE50-2F67F74D3FF3}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\KAROL\Pictures\Ustroń\Pies ogrodnika.JPG
O24 - Desktop BackupWallPaper: C:\Users\KAROL\Pictures\Ustroń\Pies ogrodnika.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-03-22 10:11:42 | 000,000,832 | ---- | M] () - C:\Autorun_dll.log -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-10-02 11:37:06 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011-09-30 16:56:17 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011-09-30 16:53:49 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011-09-30 16:26:51 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Local\temp
[2011-09-30 16:10:25 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011-09-30 16:02:42 | 004,237,063 | ---- | C] (Swearware) -- C:\Users\KAROL\Desktop\ComboFix.exe
[2011-09-29 18:43:19 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\TDSSKiller
[2011-09-29 18:37:43 | 000,592,952 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\KAROL\Desktop\SPTDinst-v179-x86.exe
[2011-09-29 14:51:32 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Documents\My Photos
[2011-09-29 14:51:32 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Documents\My Documents
[2011-09-29 14:42:15 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011-09-29 14:42:05 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Local\Htc
[2011-09-29 14:40:37 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Roaming\HTC
[2011-09-29 14:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync
[2011-09-29 14:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
[2011-09-29 14:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\Spirent Communications
[2011-09-29 14:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\HTC
[2011-09-28 17:39:21 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\Gmerlog
[2011-09-28 17:39:13 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\Defoggerantideamn
[2011-09-28 17:20:09 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\OTL
[2011-09-28 14:33:38 | 000,000,000 | ---D | C] -- C:\symbols
[2011-09-24 21:06:30 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VASSAL
[2011-09-24 21:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\VASSAL
[2011-09-23 13:57:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DCC412E7-393B-4016-91FB-9307F059AFB6}
[2011-09-22 22:09:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2011-09-22 21:57:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
[2011-09-22 16:12:36 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Roaming\Malwarebytes
[2011-09-22 16:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-09-22 16:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-09-22 16:12:24 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011-09-22 16:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-09-22 14:14:52 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2011-09-22 14:14:52 | 002,558,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2011-09-22 14:14:52 | 000,309,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll
[2011-09-22 14:14:52 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2011-09-22 14:14:51 | 003,730,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2011-09-22 14:14:51 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2011-09-22 14:14:49 | 000,600,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyupdatusapiu.dll
[2011-09-22 14:11:56 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011-09-22 14:11:56 | 006,613,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2011-09-22 14:11:56 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011-09-22 14:11:55 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011-09-22 14:11:55 | 010,304,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011-09-22 14:11:55 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011-09-22 14:11:55 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011-09-22 14:11:55 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011-09-22 14:11:55 | 000,914,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2011-09-22 14:11:55 | 000,875,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll
[2011-09-22 13:51:13 | 000,000,000 | ---D | C] -- C:\Users\KAROL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
[2011-09-22 13:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2011-09-22 13:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)
[2011-09-22 13:50:47 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2011-09-22 13:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier
[2011-09-22 13:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2011-09-22 13:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
[2011-09-22 13:42:38 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\windbg
[2011-09-22 13:27:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A07F7F49-03B9-4B8B-A266-07563B0278A6}
[2011-09-22 01:03:46 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\memtest
[2011-09-21 23:33:49 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{72f8c2ce-4d47-4424-a8c9-0fa117485c4b}
[2011-09-21 17:42:38 | 000,000,000 | ---D | C] -- C:\Users\KAROL\Desktop\welt
[2011-09-21 17:13:25 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{06df778f-f510-48fd-ac57-0ce755d06ae7}
[2011-09-21 17:01:38 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{664d8a28-393c-4ae0-8096-bfa55d4f3dca}
[2011-09-21 16:44:28 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{be498c9c-a804-4c58-8f3e-fb7bffd0eada}
[2011-09-21 16:09:16 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{6b8dd61f-ed0e-4414-b95a-16d4a4a7011d}
[2011-09-21 16:02:07 | 000,000,000 | ---D | C] -- C:\Users\KAROL\{d25a5af4-715e-4d0d-a31a-5bee1578b5b5}
[2009-02-19 21:44:03 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe
[2009-02-19 21:44:02 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe
[2009-02-19 21:44:02 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe
[2009-02-19 21:44:01 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe
[2009-02-19 21:44:01 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-10-02 11:34:33 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-10-02 11:31:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-10-02 11:15:48 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-10-02 11:15:48 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-10-02 11:15:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-10-02 00:18:52 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011-09-30 21:22:39 | 000,607,668 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-09-30 21:22:39 | 000,137,286 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-09-30 21:22:39 | 000,108,940 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-09-30 21:22:39 | 000,013,218 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-09-30 16:48:52 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011-09-30 16:03:03 | 004,237,063 | ---- | M] (Swearware) -- C:\Users\KAROL\Desktop\ComboFix.exe
[2011-09-29 22:50:55 | 000,000,512 | ---- | M] () -- C:\Users\KAROL\Desktop\MBRCheck_MBR_Backup_09-29-11_22-50-55.bak
[2011-09-29 22:44:10 | 000,080,384 | ---- | M] () -- C:\Users\KAROL\Desktop\MBRCheck.exe
[2011-09-29 18:37:43 | 000,592,952 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\KAROL\Desktop\SPTDinst-v179-x86.exe
[2011-09-29 14:50:48 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2011-09-29 14:40:27 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2011-09-28 17:39:52 | 000,000,020 | ---- | M] () -- C:\Users\KAROL\defogger_reenable
[2011-09-28 17:13:32 | 326,315,057 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-09-28 16:33:20 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011-09-24 21:06:30 | 000,000,736 | ---- | M] () -- C:\Users\KAROL\Desktop\VASSAL.lnk
[2011-09-23 17:30:13 | 000,000,795 | ---- | M] () -- C:\Users\Public\Desktop\Pasek TVN24.lnk
[2011-09-22 22:13:39 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk
[2011-09-22 21:59:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_rig3usb_01009.Wdf
[2011-09-22 16:12:27 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-09-21 22:55:03 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKAROL.job
[2011-09-21 16:54:19 | 000,008,484 | ---- | M] () -- C:\Users\KAROL\AppData\Local\d3d9caps.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-09-29 22:50:55 | 000,000,512 | ---- | C] () -- C:\Users\KAROL\Desktop\MBRCheck_MBR_Backup_09-29-11_22-50-55.bak
[2011-09-29 22:49:20 | 000,080,384 | ---- | C] () -- C:\Users\KAROL\Desktop\MBRCheck.exe
[2011-09-29 14:50:48 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2011-09-29 14:40:27 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2011-09-28 17:39:35 | 000,000,020 | ---- | C] () -- C:\Users\KAROL\defogger_reenable
[2011-09-23 17:30:13 | 000,000,795 | ---- | C] () -- C:\Users\Public\Desktop\Pasek TVN24.lnk
[2011-09-22 22:13:39 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk
[2011-09-22 21:59:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_rig3usb_01009.Wdf
[2011-09-22 16:12:27 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-09-22 14:11:55 | 000,004,358 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2011-03-18 01:16:34 | 000,000,008 | RHS- | C] () -- C:\ProgramData\6AF4210023.sys
[2011-03-17 22:22:21 | 000,003,766 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-11-26 01:39:47 | 000,000,391 | ---- | C] () -- C:\Windows\crownofglory.ini
[2010-11-01 17:43:42 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2010-08-20 18:57:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-07-09 21:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010-03-18 00:46:22 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010-03-18 00:46:22 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\System32\vfprintpthelper.dll
[2009-11-22 21:52:05 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI
[2009-09-17 21:29:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009-09-17 21:29:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-09-13 13:13:40 | 000,000,155 | ---- | C] () -- C:\Windows\mistrz.ini
[2009-09-02 17:30:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\t5clientGateWriter.dll
[2009-09-02 17:30:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\t5clientGateCalc.dll
[2009-08-10 12:07:33 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xerces-depdom_2_7.dll
[2009-08-10 12:06:58 | 001,409,024 | ---- | C] () -- C:\Windows\System32\t5core-1.0.dll
[2009-08-10 09:26:01 | 010,166,272 | ---- | C] () -- C:\Windows\System32\icudt36.DLL
[2009-07-24 20:35:00 | 000,000,026 | ---- | C] () -- C:\Windows\CDE SX200EXPORT.ini
[2009-07-20 21:17:58 | 000,122,880 | ---- | C] () -- C:\Windows\System32\AitVirtualComInstall.exe
[2009-07-20 21:10:48 | 000,307,200 | ---- | C] () -- C:\Windows\System32\InstallVCOM.exe
[2009-04-24 00:52:21 | 000,005,236 | ---- | C] () -- C:\Users\KAROL\AppData\Local\unins000.dat
[2009-04-19 16:36:45 | 000,000,066 | ---- | C] () -- C:\Windows\BBW_INFO.INI
[2009-04-15 11:02:05 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009-04-09 19:03:51 | 000,138,584 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009-04-09 19:03:39 | 000,189,672 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009-04-09 19:03:30 | 000,070,968 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009-03-25 22:17:22 | 000,000,026 | ---- | C] () -- C:\Windows\CDER220EDFNSCPHGT.ini
[2009-03-25 21:43:18 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009-03-25 21:43:18 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009-03-25 21:43:18 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009-03-25 21:43:18 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009-03-25 21:43:18 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009-03-25 21:43:18 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009-03-25 21:43:18 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009-03-25 21:43:18 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009-03-25 21:43:18 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009-03-25 21:43:18 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009-03-25 21:43:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009-03-25 21:43:18 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009-03-25 21:43:18 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009-03-25 21:43:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009-03-25 21:43:18 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009-03-25 21:43:18 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009-03-25 21:43:18 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009-03-25 21:43:18 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009-03-25 21:43:18 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009-03-23 13:31:47 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2009-03-10 23:52:22 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2009-03-10 23:19:27 | 000,008,484 | ---- | C] () -- C:\Users\KAROL\AppData\Local\d3d9caps.dat
[2009-03-07 11:50:03 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009-02-23 19:08:27 | 000,000,470 | ---- | C] () -- C:\Users\KAROL\AppData\Roaming\wklnhst.dat
[2009-02-21 20:40:15 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009-02-21 20:40:13 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009-02-21 20:40:13 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-02-21 20:40:13 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-02-21 20:40:11 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-02-20 00:02:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009-02-19 22:34:29 | 000,052,736 | ---- | C] () -- C:\Users\KAROL\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-11-03 19:45:03 | 000,000,249 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2008-11-03 19:05:21 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008-11-03 18:55:25 | 000,002,140 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008-08-25 16:31:45 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2008-08-25 16:31:45 | 000,137,286 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2008-08-25 16:31:45 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2008-08-25 16:31:45 | 000,013,218 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2008-05-04 18:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll
[2008-01-21 04:24:21 | 000,007,532 | ---- | C] () -- C:\Windows\System32\NT47AEX.DLL
[2008-01-16 07:41:26 | 000,019,968 | ---- | C] () -- C:\Windows\System32\ttmsoutlook1.dll
[2008-01-16 07:41:24 | 000,022,528 | ---- | C] () -- C:\Windows\System32\ttmsoffice1.dll
[2007-11-14 17:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007-10-25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2006-12-18 15:10:38 | 000,474,112 | ---- | C] () -- C:\Windows\System32\log4cplus_dll.dll
[2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 14:47:37 | 000,381,360 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 12:33:01 | 000,607,668 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 12:33:01 | 000,108,940 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001-11-14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009-03-29 01:04:11 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Avanquest
[2009-12-30 11:22:00 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\BitTorrent
[2009-02-22 01:46:12 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\DigitalPersona
[2009-09-10 23:54:32 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\EPSON
[2011-02-25 17:24:59 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\ESET
[2009-05-01 13:11:24 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Nowe Gadu-Gadu
[2009-12-23 02:16:11 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Avanquest
[2011-02-03 12:55:42 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Bentley
[2009-10-09 00:17:39 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\BitTorrent
[2010-11-11 20:46:23 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\blueconnect
[2009-10-17 17:49:42 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\DAEMON Tools Lite
[2009-02-19 20:59:43 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\DigitalPersona
[2010-04-23 23:12:50 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\DNA
[2011-09-22 16:20:01 | 000,000,000 | -H-D | M] -- C:\Users\KAROL\AppData\Roaming\drivers
[2009-04-24 00:50:53 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2009-08-07 11:11:22 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\EPSON
[2010-12-24 18:04:22 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\ESET
[2010-09-06 23:30:39 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Gadu-Gadu 10
[2011-07-22 23:03:31 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\GARMIN
[2010-09-07 22:55:40 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\gtk-2.0
[2011-09-29 14:42:06 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\HTC
[2011-09-29 14:42:15 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2010-11-18 00:28:12 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\ipla
[2009-09-19 23:41:31 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\LimeWire
[2010-01-05 20:54:01 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Moje pliki Bitwy o Śródziemie™ II
[2010-11-13 22:27:53 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\My Games
[2009-07-08 12:50:06 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Nokia
[2009-04-12 17:53:37 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Nowe Gadu-Gadu
[2010-11-27 17:47:36 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\OpenFM
[2009-07-08 11:51:44 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\PC Suite
[2010-03-02 02:02:34 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\POLENG
[2010-03-18 00:45:38 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Samsung
[2009-03-12 21:37:54 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Steinberg
[2010-03-02 02:03:18 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\T6
[2009-02-23 19:08:29 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Template
[2010-03-02 01:38:08 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\The Creative Assembly
[2009-03-08 18:57:30 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Tibia
[2011-03-18 01:17:16 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Ulead Systems
[2009-03-15 22:55:51 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\VST3 Presets
[2009-03-14 20:29:46 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Waves
[2009-03-14 21:33:11 | 000,000,000 | ---D | M] -- C:\Users\KAROL\AppData\Roaming\Waves Preferences
[2010-05-15 12:50:35 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Avanquest
[2010-05-15 14:01:58 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Bentley
[2010-05-15 13:35:15 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\DAEMON Tools Lite
[2010-05-15 10:55:24 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\DigitalPersona
[2010-12-31 20:58:25 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\ESET
[2011-10-02 00:18:53 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
[/log]

OTL Extras log:
[log]OTL Extras logfile created on: 2011-10-02 11:49:44 - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\KAROL\Desktop\OTL
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 57,71% Memory free
6,19 Gb Paging File | 4,83 Gb Available in Paging File | 77,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,08 Gb Total Space | 62,76 Gb Free Space | 21,64% Space Free | Partition Type: NTFS
Drive D: | 8,01 Gb Total Space | 1,09 Gb Free Space | 13,62% Space Free | Partition Type: NTFS
Drive E: | 613,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: KAROL-PC | User Name: KAROL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.scr [@ = MicroStation Resource] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [command] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Przeglądaj za pomocą programu h Corel PaintShop Photo Pro X3] -- "C:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3384155157-3980012862-2537522586-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F2A23BB-10C6-4CDB-BC2C-DD5B4380FBA6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{10558D5B-8FE8-41FE-B80F-2787CECC2326}" = lport=139 | protocol=6 | dir=in | app=system |
"{3201567D-72D4-4521-8349-A5718D28056E}" = rport=139 | protocol=6 | dir=out | app=system |
"{43502B8F-C33E-434E-B771-30BCC5456BAA}" = lport=137 | protocol=17 | dir=in | app=system |
"{4C24480E-37E3-48B6-BB83-2F267FA63BB9}" = lport=445 | protocol=6 | dir=in | app=system |
"{58F3A70D-3FBA-4E7A-97AA-7EE079690C1E}" = lport=138 | protocol=17 | dir=in | app=system |
"{7794642B-B3D7-4C04-92AC-E60459234BD7}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{9230A8EA-662A-440C-A406-A0F832305254}" = rport=445 | protocol=6 | dir=out | app=system |
"{9E8E5D25-05C5-4836-8723-071935F8A372}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B718073D-23C0-4C6A-AED9-84F780878196}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface |
"{BDE12523-D368-4245-ACC6-046DFBD7D08F}" = rport=138 | protocol=17 | dir=out | app=system |
"{CADD605D-3586-4F6A-8F13-6E8A0FF11A63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E9397464-37DD-4C27-8558-68F469117785}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EA9CBFA9-D996-4941-A897-A672853DA17C}" = rport=137 | protocol=17 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0004BB2E-8113-4099-8871-25726C4CE66E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00F1B183-C1E7-46CD-B89E-CAA7E26922E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{024D64C2-268B-4432-924C-67932171A991}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{080A68CF-4FF3-4FE7-9903-F3E75D33D9E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09792CC4-17A8-4F0F-B662-9CC78F63B200}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1555006F-471F-492F-8382-6BEE899692ED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1650225B-B2C2-4BC8-B258-5EC4466023DD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1669F832-6E21-4C66-A43E-28578743418B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{16DC2527-6C5F-484C-A025-7A9447874ED4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19053D5E-1A48-4135-8810-4241BF5896AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B490312-DCD5-4D2D-B6BF-64A9840E753B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1BD0D3A6-F0D8-409A-A60F-B2B9278ED68F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F339D6D-BE60-4E43-939E-F2050EFB80F1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\napoleon total war\napoleon.exe |
"{21FB1D28-8B1B-4106-A230-EBADFBBF84E8}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{23CB4C6D-D6C2-4D8B-B788-50C5184E350F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{244E4EF6-D6EA-4ACE-A53F-481AC907D053}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A88864D-3595-4636-9FA1-18211CDCD1E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DC8A5C8-B204-4F51-BBC3-636168FBEBC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2F00E279-30C7-447C-8AFA-B3873BA1CE5D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33BD4E75-924B-456F-9E77-07569292E26C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{39B15C46-F34B-4325-902A-0F6BA54C6E2E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3AEF5142-08F7-4D04-A6F1-44AC9AD4A065}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C777A22-C097-43AC-9E4E-9386A2A2365E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3DE6D2EC-E994-4465-B30A-13E3A767C3D5}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{3ECC1D67-3EC2-41B7-91D4-B6EFE88AD4F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{40CF049C-F05F-45D1-AF65-8246E01B70FD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{416D2052-B6E0-4D4C-9474-1F68F36FCB01}" = protocol=6 | dir=in | app=c:\program files\electronic arts\bitwa o śródziemie ii\game.dat |
"{43281175-D67F-464E-AFEC-4C84FFBA7FA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{444BA288-46AF-443C-BA26-D2BAAC7032AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{459849E3-3571-4E9F-B5BD-8A484B4EAC73}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47217946-8E7E-420E-976D-3B5AD639ECE5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47349F4E-0817-4566-95C3-12B6F506B097}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47F31D22-DF0F-400C-BEF0-8314FC6A3CB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{48C0183F-A436-44C8-BEE2-F7255B1D4BDB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A4939D8-F461-4967-B05B-F38C6B5DD491}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BC9F6FC-FA9B-4DB3-B891-1AD0AD6C51A5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BE1A408-4106-414D-8835-03271C8142E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4EC5B852-639A-42CB-8770-33E36E94A98F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55D089F6-42A9-47B3-9FAA-F375799B88CE}" = protocol=17 | dir=in | app=c:\program files\electronic arts\bitwa o śródziemie ii\game.dat |
"{5713EDA6-B44E-4D11-B22D-0B803311CFC8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{573417CD-AA1A-4989-A008-C9FE5467999D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B3C87B4-711C-421B-9D09-77EE323E3516}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{5C43A0E2-59F8-4247-966C-5B2C1D8650A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D59DE61-C3E9-4929-9C45-B42DEBA268DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5ED3FDB4-A439-4547-B27F-4C3B073C3C23}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5FBC68EC-36B3-4854-BAF4-37125568C567}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{634E1757-4AEC-41D2-B035-B5CAFB2DA69C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6522CA01-5F2D-4E0C-97A4-FC2462755AEF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{667B01E7-4746-4E08-9147-47D9DD3BC7A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68132967-1FF9-4B4E-A7E4-AC02DAAD0E59}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{69B3F3A4-5088-4D95-9632-DC35C07D4358}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{6E072742-4D4B-4003-81D6-6557809065EB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7043EEA2-3D74-47C7-811F-7E1D2642B599}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{70BBEA19-F878-4A32-A35E-9E5C28D3CB52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{72DAC267-0F55-4D64-AD54-5770491121D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{731B2D94-A41A-4B81-B0AA-626D9649C4AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7456ED09-1D66-4700-9852-B93FF497AEA4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74E9261B-BF3C-4966-83D4-A4C3146B1B88}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{756E018F-D0CE-46C6-B665-13CC501120CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77A0AD32-304E-469D-89F1-E01B6C60A979}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{78C814F0-41DD-44CE-9380-3A44C9B144D2}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{7B8E2363-9425-4162-AF70-D7F0AF879E44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7E574172-27BF-40C3-A23E-497FB303D555}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7EAB9380-3519-4273-91DA-6DAC427DE263}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{820EDC73-13AB-4054-AAFC-59DD88AEA071}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8446D91E-A088-43BA-AA7B-1DB68D2E3A27}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\napoleon total war\napoleon.exe |
"{859A0889-36B9-4BA0-A3C3-CDF82535B161}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{8989A37E-88A0-4074-B966-F8610F6A4A75}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8AB9CDDF-995C-4779-9FE4-D1B7A37342C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90310C12-F0F5-45D8-9CA4-F560B532D8ED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{927A709E-A7B9-4048-B965-85AB73A242B1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{92A99139-EFBF-4264-84BB-A5B25E68BFAE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{953F8075-508F-4EFC-ACEA-5DB8C7F43CAC}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{9655E8C6-4DB6-4F03-9EB5-AEF76E7ED015}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{97F5EEEB-5BDB-4D32-B6AF-0040EF0EE880}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{992456E6-91E0-4D06-A26B-8024D7BB778C}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{9A988901-5D98-4865-B869-209B84767EF6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9E05AFE7-BE8F-4C95-B06A-7B161F3A355C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A05AE27B-0FAD-4432-B56B-0CF140FF4434}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A131EBC8-F07C-4F33-861C-C9E6FC740A07}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A56F20A9-B2A3-4715-B985-B237FA811B45}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A9B97A7F-E18A-4101-8DB7-D5FBCEDE4DF1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE7E8B39-3510-4DE7-8082-F1089B69EDFF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B092DF4E-41EF-48EA-BF10-D5A57E7E1FE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6D16B62-F52A-4216-9CD1-0A848970AA8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7248D36-8FDB-4434-96B1-A861088C0F70}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B92DA10C-ECB3-4023-99D7-17391FA1973F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C1B3C154-9592-46AB-9E87-6B71438AF817}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C27C12B4-3584-4B34-A095-9AA485E63F1D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C49367C2-3F0B-4450-AE05-0B097AA780C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C56CF1AE-EF43-48CE-8062-5647B588F873}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5B40DED-E548-4E6E-90BF-68E34B0B1F2B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6AB59D0-FDDD-4688-8A48-6626D58F949B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C8B00D1B-B302-4D69-9E87-A8D30305B468}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C8E028E0-AF44-4C52-AE70-73053DFD3822}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2A223E2-14C9-4ACA-B018-B2B8A71FBA3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2D9B6AD-EE65-479E-9D2B-CABB237F8AA0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D3D64D29-E99B-4C36-AAA1-59A44121F4B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D42EC6E3-C0DC-47A1-B37F-1191F79934B9}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{D4F151F9-1081-4994-B1C7-3EEE6AFFAF2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D594564B-D53F-40A8-AC84-000BA5EEA3FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8C6C58C-920C-4D90-BC44-62F84D37802B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D94A7647-BD8C-4E76-96FE-2FB01AAE81BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DC9155E9-90F8-4606-B0A9-A30E69B018EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E1ABCE58-56D4-407B-AD57-7CFB94A99DFB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4BD6B49-6E6B-4AD9-9ED2-9340A3E391DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5603646-11BD-47FE-A88B-5F4EE188F2C4}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{E63AF067-194D-45C1-A4DF-CB0D1B87813E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E69C7FDF-AE87-411B-AA22-C628921C4C4A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E7C61BAB-F970-4D13-9107-C5DA3E6A374F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E81433A9-712F-4B8B-8389-A28568041E70}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9469CBB-F4EF-4977-8666-8C5BA89245EF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EA5E385A-05D9-49E0-9EA6-F319C642D6C4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EADC4791-48F7-4BA5-BE96-65768DA01E8E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED8A6D02-60AE-4B31-AF71-4DF6C4FFA6A5}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{F328FA08-D53B-4D99-9C37-2E780913C4D0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F64D3AA9-9D79-4F19-8167-D96FC035B3E1}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{F6A1F6B4-E396-4B6F-BC87-A2F63CECC6BF}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{F95CC508-264B-4710-9DB1-E73B81E4A6C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB3B10B4-568C-47EA-9B32-0DDFC3108E33}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC0FA5EC-7B0A-4B6B-B7B0-D3C9FD93783D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FDC59FCF-9F87-4F3C-9222-DABF7101B88B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF22A23B-6D30-4AC1-B7FE-6A4B1960B9AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"_{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = Corel PaintShop Photo Pro X3
"_{DFAEB5DB-04FA-489D-94EF-8600898B93EE}" = Corel PaintShop Photo Project Creator
"{00473C7D-1789-4873-9A75-96647FB01D27}" = Translatica 7
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Asystent rejestrowania za pomocą identyfikatora Windows Live
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A5D65E1-B438-4148-97E3-1BC3627BEC71}" = DigitalPersona Personal 4.11
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{223818EB-2BB5-4AAD-9F38-BA9668A4E3F3}" = Windows Live Messenger
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Bitwa o Śródziemie™ II
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{33691AFF-9ABF-4278-BDB6-902EE07D9237}" = Native Instruments Guitar Rig 3
"{340F521E-3576-4E1A-B75C-EB0ACF751379}" = HP Wireless Assistant
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{39556553-8C77-4C5E-8F30-4083274948A2}" = Application Verifier
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
"{472ABCE2-5B2E-4D29-ABF4-94E1097558A6}" = Diplomacy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F30BC2B-5441-3149-91D7-FAA2332E2F5F}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{578920D9-66B7-4DBF-88EE-8E27D54C684F}" = Jupiter 2009 Standard
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{62621555-6310-433D-983E-957D707DC535}" = ESET Smart Security
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66491E5A-7899-4863-A2E9-057E10BCB578}" = Samsung SecretZone
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{699C970F-1E17-3CD8-A2EA-87AB9EDEDFF4}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{6D3A83A6-8F72-4354-A80D-721D1E54FC76}" = Garmin City Navigator Europe NT 2012.20 Update
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7184F382-8A6C-4B85-A3AC-B63734B1E241}" = SAMSUNG Mobile USB Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{745877DC-8FFE-4E4C-ABBC-589B887A47D1}" = Virtual Sound Canvas DXi
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AFFE35D-047A-3D27-B204-1CD849933C02}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}" = MLE
"{804EC265-0837-4694-8324-7D385A08319F}" = Hearts of Iron III
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85C977FB-2A5B-3223-8AC5-828558EAF7D9}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{88CF7ACB-6A31-4EB0-9BA3-5C54D314620C}_is1" = Pasek TVN24 wersja 1.13
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{91120415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1)
"{938C2383-A692-4D2C-AE45-024F91EF7B1D}" = CorelDRAW Graphics Suite X5 - PL
"{959282E3-55A9-49D8-B885-D27CF8A2FD82}" = PHOTOfunSTUDIO 5.0
"{97AFC99F-3E90-4A9F-B4BA-CFDDB9785FDC}" = Jupiter 2008 Standard
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9078D1-FA30-4E1B-A194-983A4898F848}" = Corel KPT Collection
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6EC5250-2E27-1B1C-2283-BBD468EEB1B9}" = e-Deklaracje
"{A7DEBAA4-B211-4D1A-A6B3-E52BFAAA1D0C}" = Garmin Communicator Plugin
"{A84C785A-0796-4BED-9BC3-EFB6C4F12602}" = Mirar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobilny Internet
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}" = Steinberg Cubase LE 4
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Polish
"{AC8A37CB-39AD-46C2-9AB5-F6FBE037CC57}" = Bentley MicroStation V8 XM Edition 08.09.04.44
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{B1FD6402-6414-42B6-BD77-22F43087D783}" = Gary Grigsby's World At War
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B8169E45-8E23-430B-91D1-EC64540C8ED0}" = HP User Guides 0103
"{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}" = Corel Graphics - Windows Shell Extension
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}" = HTC Sync
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DD876490-252F-4EEF-B205-2E8F5A6E523B}" = ProtectSmart Hard Drive Protection
"{DE4BF4BE-3CDC-43B5-BBDA-DDDA73103111}" = Corel PaintShop Photo Pro X3
"{DE612A3D-0DCC-4055-BB6A-0036F31158A0}" = Setup
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{DE8B9311-ADE7-4EDE-B121-326CAA3D225D}" = PSPPContent
"{DE99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_CL
"{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA
"{DEF1928A-FC01-48E7-A7E6-4651D42EF6A1}" = PSPPRO_DCRAW
"{DEF8C145-CC4F-4DAA-AD5C-E707C07AEE50}" = IPM_PSP_COM
"{DF4A2F61-1E26-4D51-94BB-36D77678BDAD}" = PSPH10Pro
"{DF4ABC2B-5CA9-48B2-9266-15AB78384D3C}" = Share
"{DF612A3D-0DCC-4055-BB6A-0036F31158A0}" = Setup
"{DF75FFEE-2FCE-4774-902A-749198C00A68}" = PureHD
"{DF99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_PRJ
"{DFAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA
"{DFBCC13A-E4F2-45EE-846F-D143CEDDDBCB}" = DeviceIO
"{DFC02397-E0EF-4891-820E-1547DCC6701B}" = ContentHD
"{DFC4FA35-7C6B-4C9E-863B-58C4D7472F41}" = VIO
"{DFD99A66-493F-468B-BCE1-6F88612B89D5}" = Contents
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F01B7EF4-F487-4948-AA18-5332FE5495C9}" = Medieval - Total War - Złota Edycja
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F37ACB45-F73B-47A2-BCE5-3019312D8A06}" = GPMapa 2009.3
"{F3BD8E81-C020-44F9-B014-1E0214D23556}" = SA30xx Media Converter
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"ALLConverter to 3GP_is1" = ALLConverter to 3GP
"ALLPlayer_is1" = ALLPlayer V4.X
"Alpha ASIO driver" = Lexicon Alpha ASIO (remove only)
"AOL Toolbar" = Pasek narzędzi AOL 5.0
"BB_is1" = RealDrums Set 14
"blueconnect" = blueconnect
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Counter-Strike 1.6" = Counter-Strike 1.6
"Crown Of Glory1.10" = Crown Of Glory
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Pakiet sterowników systemu Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
"eMule" = eMule
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX200 Series" = EPSON Stylus SX200 Series Printer Uninstall
"EPSON Stylus SX200_SX400_TX200_TX400 Przewodnik użytkownika" = EPSON Stylus SX200_SX400_TX200_TX400 Podręcznik
"ForteDXi_is1" = ForteDXi 1.6
"Gadu-Gadu 10" = Gadu-Gadu 10
"GameSpy Arcade" = GameSpy Arcade
"Gary Grigsby's World At War1.040" = Gary Grigsby's World At War
"Google Chrome" = Google Chrome
"Guitar Pro 4.0.7" = Guitar Pro 4.0.7
"IK Multimedia Amplitube v1.3" = IK Multimedia Amplitube v1.3
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"InstallShield_{578920D9-66B7-4DBF-88EE-8E27D54C684F}" = Jupiter 2009 Standard
"InstallShield_{97AFC99F-3E90-4A9F-B4BA-CFDDB9785FDC}" = Jupiter 2008 Standard
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F01B7EF4-F487-4948-AA18-5332FE5495C9}" = Medieval - Total War - Złota Edycja
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Instrukcja użytkownika ESPR220" = Instrukcja użytkownika ESPR220
"ipla" = ipla 2.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.6.2 (Full)
"LexiconStudio" = Lexicon Pantheon VST Plug-in (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mistrz Klawiatury 1.0_is1" = Mistrz Klawiatury 1.0
"Mozilla Firefox 6.0 (x86 pl)" = Mozilla Firefox 6.0 (x86 pl)
"Narodziny Ameryki_is1" = Narodziny Ameryki
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Kontakt Player Sibelius" = Native Instruments Kontakt Player Sibelius
"Native Instruments Rig Kontrol 3" = Native Instruments Rig Kontrol 3
"Native Instruments Service Center" = Native Instruments Service Center
"Neuratron PhotoScore Lite" = Neuratron PhotoScore Lite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"OpenAL" = OpenAL
"Pasek TVN24" = Pasek TVN24 1.11
"PG Music DirectX Plugins_is1" = PG Music DirectX Plugins 1.3.4.1
"RealPlayer 6.0" = RealPlayer
"SAMSUNG Android USB Modem" = SAMSUNG Android USB Modem Software
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Download Driver" = SAMSUNG Mobile USB Download Driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Samsung Mobile USB Modem Device" = Samsung Mobile USB Modem Device Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"Sibelius 3" = Sibelius 3
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Steam App 34030" = Napoleon: Total War
"Steam App 63950" = IL-2 Sturmovik: Cliffs of Dover
"Syncrosoft License Control" = Syncrosoft License Control
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VASSAL (3.1.16)" = VASSAL (3.1.16)
"Vodei Multimedia Processor" = Vodei Multimedia Processor 2.10
"Waves GTR 3" = Waves GTR 3
"Wielka Encyklopedia Roślin" = Wielka Encyklopedia Roślin
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinKalk" = WinKalk
"WinRAR archiver" = Archiwizator WinRAR
"Xfire" = Xfire (remove only)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3384155157-3980012862-2537522586-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"VASSAL" = VASSAL

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-09-21 03:11:50 | Computer Name = KAROL-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 2010-09-22 03:24:49 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-23 02:54:07 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-23 12:46:25 | Computer Name = KAROL-PC | Source = Google Update | ID = 20
Description =

Error - 2010-09-23 16:52:29 | Computer Name = KAROL-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd POWERPNT.EXE, wersja 11.0.8324.0, sygnatura
czasowa 0x4bc93678, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura
czasowa 0x49e03821, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003974e, identyfikator
procesu 0x1358, godzina rozpoczęcia aplikacji 0x01cb5b57f4676410.

Error - 2010-09-24 03:53:37 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-25 03:16:03 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-26 03:09:27 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-26 04:05:42 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-09-26 05:24:05 | Computer Name = KAROL-PC | Source = WinMgmt | ID = 10
Description =

[ DigitalPersona Pro Events ]
Error - 2009-04-14 08:01:44 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2009-04-14 08:01:49 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2009-04-14 08:02:03 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2009-04-25 16:15:26 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2009-04-25 16:15:31 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2001-01-01 21:27:43 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 2010-01-18 07:17:06 | Computer Name = KAROL-PC | Source = DigitalPersona Pro | ID = 17827589
Description = DPHost cannot start. Error: 0x8009000f

[ Media Center Events ]
Error - 2009-03-25 03:16:47 | Computer Name = KAROL-PC | Source = MCUpdate | ID = 0
Description = Oczekiwanie na obiekt mutex funkcji MCUpdate nie powiodło się i zgłoszono
wyjątek: Oczekiwanie zakończone z powodu porzuconego elementu mutex..

Error - 2010-01-03 07:43:33 | Computer Name = KAROL-PC | Source = Media Center Guide | ID = 0
Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Nazwa obiektu: Media Center
Guide

Error - 2010-06-03 17:07:38 | Computer Name = KAROL-PC | Source = Media Center Guide | ID = 0
Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.WaitForUploadComplete
failed. Please try to ping www.msn.com prior to filing a bug.; Win32 GetLastError
returned 10000109 Proces: DefaultDomain Nazwa obiektu: Media Center Guide

[ System Events ]
Error - 2011-09-30 10:29:49 | Computer Name = KAROL-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2011-09-30 10:30:34 | Computer Name = KAROL-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2011-09-30 11:16:49 | Computer Name = KAROL-PC | Source = DCOM | ID = 10005
Description =

Error - 2011-10-01 03:13:09 | Computer Name = KAROL-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2011-10-01 03:13:59 | Computer Name = KAROL-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2011-10-01 11:12:12 | Computer Name = KAROL-PC | Source = DCOM | ID = 10005
Description =

Error - 2011-10-02 05:16:25 | Computer Name = KAROL-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2011-10-02 05:17:15 | Computer Name = KAROL-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2011-10-02 05:37:14 | Computer Name = KAROL-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 2011-10-02 05:37:14 | Computer Name = KAROL-PC | Source = Service Control Manager | ID = 7034
Description =

[ Translatica Events ]
Error - 2010-08-02 17:06:31 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-03 14:00:54 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-11 17:29:38 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-12 05:46:45 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-14 07:23:38 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-14 17:52:29 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-14 17:54:19 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-16 15:59:16 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-16 16:24:24 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.

Error - 2010-08-17 18:28:00 | Computer Name = KAROL-PC | Source = StartScreen | ID = 0
Description = Nie można odnaleźć pliku 'C:\Users\KAROL\AppData\Roaming\Mozilla\Firefox\profiles.ini'.


< End of report >

[/log]

By the way, I noticed that the BSOD no longer appears, but I don't know whether it has been fixed or whether whatever causes it is simply deactivated (the virtual drive). Just my thought.

Regards

Guest
comment

[b]1.[/b] Run OTL and paste the following text into the [b]Własne opcje skanowania/Skrypt[/b] (Custom Scans/Fixes) box:


[php]:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKU\S-1-5-21-3384155157-3980012862-2537522586-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
FF - prefs.js..browser.startup.homepage: "http://www.ing.pl/u235/navi/35"
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-3384155157-3980012862-2537522586-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O33 - MountPoints2\{079d6d45-a137-11de-b381-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{079d6d45-a137-11de-b381-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0a0d7c58-edc5-11df-abe4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0a0d7c58-edc5-11df-abe4-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0a0d7c96-edc5-11df-abe4-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{0a0d7c96-edc5-11df-abe4-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3f4cd2ae-6d39-11de-bbb4-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{3f4cd2ae-6d39-11de-bbb4-00235aa3678a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3f4cd2e4-6d39-11de-bbb4-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{3f4cd2e4-6d39-11de-bbb4-00235aa3678a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{497e8cee-a1dd-11de-8e95-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{497e8cee-a1dd-11de-8e95-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4fa324c8-45f1-11de-8642-002186c9e731}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winupd32.exe
O33 - MountPoints2\{4fa324c8-45f1-11de-8642-002186c9e731}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winupd32.exe
O33 - MountPoints2\{55b25d95-bb33-11de-b450-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{55b25d95-bb33-11de-b450-002186c9e731}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{78666a58-1f59-11df-8393-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{78666a58-1f59-11df-8393-002186c9e731}\Shell\AutoRun\command - "" = F:\hom&m3gepl.exe
O33 - MountPoints2\{8a534210-a102-11de-aee5-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{8a534210-a102-11de-aee5-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8a53422f-a102-11de-aee5-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{8a53422f-a102-11de-aee5-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8a534244-a102-11de-aee5-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{8a534244-a102-11de-aee5-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8a534279-a102-11de-aee5-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{8a534279-a102-11de-aee5-002186c9e731}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8f43ff0e-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff0e-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f43ff39-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff39-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f43ff3e-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff3e-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f43ff41-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff41-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f43ff46-edc8-11df-9aef-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{8f43ff46-edc8-11df-9aef-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{92836121-d296-11de-bba3-002186c9e731}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs
O33 - MountPoints2\{949d1381-b821-11e0-9426-002186c9e731}\Shell - "" = AutoRun
O33 - MountPoints2\{949d1381-b821-11e0-9426-002186c9e731}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{949d13bd-b821-11e0-9426-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{949d13bd-b821-11e0-9426-001e101f8924}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fe90c862-ed6c-11df-b23e-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{fe90c862-ed6c-11df-b23e-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ff9b51f7-edc1-11df-b455-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ff9b51f7-edc1-11df-b455-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ff9b5234-edc1-11df-b455-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{ff9b5234-edc1-11df-b455-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ff9b523e-edc1-11df-b455-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{ff9b523e-edc1-11df-b455-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe


:Commands
[emptyflash]
[emptytemp][/php]


Click [b]Run Fix[/b]. Confirm the computer restart.

A removal log will be created. Save it and add it to your post. Run a new OTL scan and post the log (I no longer need Extras).

  • Good answer 1
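An added example, not part of the original post and not OTL's own code: it parses the O33 (MountPoints2) lines from the fix script above and flags autorun commands that point into a RECYCLER folder, invoke a script host, or override the drive's open verb. The rule names and heuristics are assumptions of this example; the sample lines are copied from the script.

```python
import re
from collections import defaultdict

# Lines copied from the fix script above; O33 entries are MountPoints2 autorun data.
SAMPLE = r'''
O33 - MountPoints2\{079d6d45-a137-11de-b381-00235aa3678a}\Shell - "" = AutoRun
O33 - MountPoints2\{079d6d45-a137-11de-b381-00235aa3678a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{4fa324c8-45f1-11de-8642-002186c9e731}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winupd32.exe
O33 - MountPoints2\{4fa324c8-45f1-11de-8642-002186c9e731}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winupd32.exe
O33 - MountPoints2\{92836121-d296-11de-bba3-002186c9e731}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs
O33 - MountPoints2\{55b25d95-bb33-11de-b450-002186c9e731}\Shell\AutoRun\command - "" = F:\setup.exe
'''

# Matches both the default-verb marker (...\Shell) and the ...\Shell\<verb>\command lines.
LINE = re.compile(
    r'^O33 - MountPoints2\\(?P<vol>[^\\]+)\\Shell'
    r'(?:\\(?P<verb>[^\\]+)\\command)? - "" = (?P<data>.+)$')

# Heuristics are assumptions of this example, not rules used by OTL.
RULES = [
    ("recycler-path", re.compile(r'\\RECYCLER\\', re.I)),
    ("script-host", re.compile(r'\b[wc]script\.exe\b', re.I)),
    ("script-file", re.compile(r'\.(?:vbs|js|bat|cmd)\b', re.I)),
]

def triage(log_text):
    """Return {volume: sorted reasons} for command entries that match a heuristic."""
    findings = defaultdict(set)
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m or m["verb"] is None:  # not an O33 command line
            continue
        for name, rx in RULES:
            if rx.search(m["data"]):
                findings[m["vol"]].add(name)
        # An overridden "open" verb runs the command when the drive is double-clicked.
        if m["verb"].lower() == "open":
            findings[m["vol"]].add("open-verb-override")
    return {vol: sorted(reasons) for vol, reasons in findings.items()}

if __name__ == "__main__":
    for vol, reasons in triage(SAMPLE).items():
        print(vol, ", ".join(reasons))
```

Entries that only launch an executable from the drive root, such as `G:\AutoRun.exe` or `F:\setup.exe`, are not flagged by these heuristics and still need a manual look.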
Perfer

Sorry for not writing for so long. It worked, it doesn't crash anymore. I won't post the LOG, because I'm already at university and don't have access to the computer (my father's). Anyway, thanks for the help, it helped!

Regards.
