winbooy utworzono 16 czerwca 2012 utworzono 16 czerwca 2012 (edytowane) Witam. Mojej siostry komputer dwa dni temu został zainfekowany trojanem który wyglądał jak anty wirus i nazywał się " Live security platinum". Od razu po infekcji zamulił cały komputer i nie dało się nic zrobić. W trybie awaryjnym przeskanowałem komputer programem "Malwarebytes-Antimalware". Po tym skanowaniu można już było normalnie pracować na komputerze ale, "avast home edition" co chwilę zgłasza problem tz. wyświetla się informacja o zablokowaniu niebezpiecznego programu: win32: Malware-gen ze ścieżki windows/installer... (dalej ścieżki avast w tej chmurkowej informacji nie pokazuje), proses: windows/system32/services.exe. Avast niby cały czas przenosi go do kwarantanny, lecz co jakieś 5 lub 10 minut znów ten sam komunikat. Teraz podczas skanowania (Avastem jak i Malwarebytes-animalware) nic nie wychodzi. Dodam, że próbowałem również skanowania programem Drweb, lecz skanowanie zawiesz się po paru minutach. system: windows vista 64bit utworzone logi z otl, na podstawie [url="http://www.forumpc.pl/index.php?showtopic=104338"]http://www.forumpc.p...howtopic=104338[/url] otl: [log]OTL logfile created on: 2012-06-16 18:25:44 - Run 1 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 51,52% Memory free 8,21 Gb Paging File | 5,92 Gb Available in Paging File | 72,10% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,26 Gb Total Space | 45,40 Gb Free Space | 30,21% Space Free | Partition Type: NTFS Drive D: | 781,25 Gb Total Space | 258,06 Gb Free Space | 33,03% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe PRC - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe PRC - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe PRC - [2012-02-29 08:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe PRC - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe PRC - [2012-01-19 13:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe PRC - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe PRC - [2006-11-02 17:04:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe PRC - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe MOD - [2012-06-14 21:25:05 | 004,190,920 | ---- | M] (Skype Technologies S.A.) -- C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\npSkypeChromePlugin.dll MOD - [2012-06-14 20:57:03 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll MOD - [2012-06-14 16:48:15 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12061600\uiext.dll MOD - [2012-06-13 06:46:12 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll MOD - [2012-06-13 05:47:55 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll MOD - [2012-06-13 05:47:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll MOD - [2012-06-13 05:47:36 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll MOD - [2012-06-13 05:47:29 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll MOD - [2012-06-13 05:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll MOD - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll MOD - [2012-06-07 10:13:25 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\icudt.dll MOD - [2012-06-07 10:13:19 | 035,876,888 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\chrome.dll MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.56\gcswf32.dll MOD - [2012-06-07 09:23:18 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\d3dcompiler_43.dll MOD - [2012-06-07 09:23:18 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\d3dx9_43.dll MOD - [2012-06-04 05:42:00 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012-06-04 05:41:57 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012-06-04 05:41:57 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012-05-30 13:53:22 | 003,977,928 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Toolbars\Shared\SkypePnr.dll MOD - [2012-05-15 08:37:49 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-05-15 08:37:29 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-05-15 08:33:11 | 006,007,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll MOD - [2012-05-15 08:32:10 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll MOD - [2012-05-15 08:31:43 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-05-15 08:31:42 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012-05-15 08:31:42 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iepeers.dll MOD - [2012-05-13 14:52:15 | 000,115,137 | ---- | M] () -- C:\Users\PC\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll MOD - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2012-05-11 21:21:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll MOD - [2012-05-11 21:20:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll MOD - [2012-05-11 21:20:13 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll MOD - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe MOD - [2012-05-11 16:25:24 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll MOD - [2012-05-11 16:24:46 | 002,814,464 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ZGUI.dll MOD - [2012-05-11 16:24:42 | 000,386,560 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll MOD - [2012-05-11 16:24:24 | 002,268,160 | ---- | M] ([url="http://mediainfo.sourceforge.net"]http://mediainfo.sourceforge.net[/url]) -- C:\Program Files (x86)\ipla\MediaInfoStatic.dll MOD - [2012-05-11 16:23:20 | 000,907,264 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\CommonLib.dll MOD - [2012-05-11 16:22:42 | 000,237,568 | ---- | M] (The cURL library, [url="http://curl.haxx.se/"]http://curl.haxx.se/[/url]) -- C:\Program Files (x86)\ipla\curllib.dll MOD - [2012-05-11 16:22:40 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll MOD - [2012-05-11 16:21:52 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll MOD - [2012-05-11 07:31:34 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll MOD - [2012-05-11 07:26:57 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll MOD - [2012-05-11 07:26:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll MOD - [2012-05-11 07:26:50 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll MOD - [2012-05-11 07:26:48 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll MOD - [2012-05-11 07:26:43 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll MOD - [2012-05-05 16:21:11 | 008,778,912 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_235.ocx MOD - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MOD - [2012-04-23 18:00:53 | 000,984,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2012-04-23 18:00:53 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2012-04-04 15:56:38 | 002,165,320 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll MOD - [2012-04-04 15:56:38 | 000,476,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll MOD - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe MOD - [2012-03-07 19:14:08 | 000,163,840 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll MOD - [2012-03-07 01:15:04 | 000,140,064 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhAScr.dll MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll MOD - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe MOD - [2012-02-29 17:11:42 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-02-29 17:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012-02-29 08:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe MOD - [2012-02-03 17:11:07 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll MOD - [2012-01-19 13:47:58 | 002,860,928 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Resource_pl.dll MOD - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe MOD - [2012-01-19 13:26:18 | 000,065,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.dll MOD - [2012-01-19 08:14:30 | 000,918,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll MOD - [2012-01-17 23:44:04 | 000,561,176 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\Main_Help.dll MOD - [2011-12-15 08:07:16 | 006,727,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll MOD - [2011-12-15 08:07:16 | 000,386,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll MOD - [2011-12-15 08:07:16 | 000,057,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll MOD - [2011-12-14 18:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-11-18 22:55:05 | 001,167,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-16 18:24:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2011-11-16 18:23:05 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe MOD - [2011-10-18 08:18:56 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll MOD - [2011-10-14 18:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2011-08-25 18:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-25 18:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-08-12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll MOD - [2011-08-12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll MOD - [2011-08-12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll MOD - [2011-08-12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll MOD - [2011-08-12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll MOD - [2011-07-04 19:46:24 | 004,514,400 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\ggsip.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-07-04 19:45:36 | 000,815,712 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\networkdao.dll MOD - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe MOD - [2011-06-29 10:47:14 | 001,217,024 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\ipla\LIBEAY32.dll MOD - [2011-06-29 10:47:14 | 000,237,056 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\ipla\SSLEAY32.dll MOD - [2011-06-17 08:06:05 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-17 08:06:05 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-06-15 18:12:11 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll MOD - [2011-05-22 19:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll MOD - [2011-05-18 18:57:22 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MOD - [2011-05-18 18:57:22 | 000,044,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-04-12 18:11:05 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2011-04-01 12:26:40 | 001,663,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll MOD - [2011-03-10 19:03:51 | 001,136,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll MOD - [2011-03-03 17:40:05 | 000,542,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2011-03-02 17:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-02-17 11:00:46 | 000,327,680 | ---- | M] ([url="http://hunspell.sourceforge.net/"]http://hunspell.sourceforge.net/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\libhunspell.dll MOD - [2011-02-17 11:00:44 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Gadu-Gadu 10\dbghelp.dll MOD - [2011-02-17 11:00:44 | 000,319,488 | ---- | M] (The cURL library, [url="http://curl.haxx.se/"]http://curl.haxx.se/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\libcurl.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 001,163,264 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\LIBEAY32.dll MOD - [2011-02-17 10:59:32 | 000,253,952 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\SSLEAY32.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2011-01-20 18:06:38 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll MOD - [2011-01-20 18:04:54 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll MOD - [2010-12-28 17:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll MOD - [2010-10-21 09:38:36 | 000,506,736 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysWOW64\Wintab32.dll MOD - [2010-10-21 09:38:34 | 000,650,096 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysWOW64\Pen_Tablet.dll MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-08-31 17:43:52 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll MOD - [2010-07-10 00:38:00 | 009,818,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-06-18 19:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-06-11 18:15:06 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll MOD - [2010-05-04 21:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msshsq.dll MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-03-18 14:16:28 | 000,801,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll MOD - [2010-03-18 14:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100_clr0400.dll MOD - [2010-03-18 14:16:28 | 000,688,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll MOD - [2009-12-04 20:28:51 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvfw32.dll MOD - [2009-11-08 10:55:32 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll MOD - [2009-09-25 04:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2009-09-04 13:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-11 21:01:41 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll MOD - [2009-06-15 16:51:38 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll MOD - [2009-04-23 14:15:39 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-04-11 08:28:26 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2009-04-11 08:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll MOD - [2009-04-11 08:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-04-11 08:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-04-11 08:28:24 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll MOD - [2009-04-11 08:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-04-11 08:28:23 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\onex.dll MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll MOD - [2009-04-11 08:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-04-11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SLC.dll MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-04-11 08:28:23 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-04-11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2009-04-11 08:28:22 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2009-04-11 08:28:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll MOD - [2009-04-11 08:28:21 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSMPEG2VDEC.DLL MOD - [2009-04-11 08:28:21 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll MOD - [2009-04-11 08:28:20 | 002,012,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\milcore.dll MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-04-11 08:28:20 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2009-04-11 08:28:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2009-04-11 08:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-04-11 08:28:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-04-11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll MOD - [2009-04-11 08:28:19 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll MOD - [2009-04-11 08:28:19 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009-04-11 08:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\es.dll MOD - [2009-04-11 08:28:19 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\eappcfg.dll MOD - [2009-04-11 08:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-04-11 08:28:19 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009-04-11 08:28:18 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2009-04-11 08:28:18 | 001,324,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browseui.dll MOD - [2009-04-11 08:28:18 | 000,971,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-04-11 08:28:18 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioEng.dll MOD - [2009-04-11 08:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009-04-11 08:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2009-04-11 08:28:18 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll MOD - [2009-04-11 08:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-04-11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe MOD - [2009-04-11 08:27:17 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Kswdmcap.ax MOD - [2009-04-11 08:27:12 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2009-04-11 08:27:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-04-11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-04-11 08:26:44 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-04-11 08:26:43 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-04-11 08:26:43 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009-04-11 08:26:43 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2009-03-08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll MOD - [2009-03-08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll MOD - [2009-03-08 13:31:37 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll MOD - [2009-03-08 13:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pngfilt.dll MOD - [2009-03-08 13:22:37 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll MOD - [2008-01-21 04:52:09 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2008-01-21 04:52:02 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2008-01-21 04:51:15 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll MOD - [2008-01-21 04:51:11 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2008-01-21 04:51:11 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2008-01-21 04:51:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2008-01-21 04:51:05 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2008-01-21 04:51:03 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll MOD - [2008-01-21 04:51:00 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll MOD - [2008-01-21 04:50:54 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2008-01-21 04:50:47 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2008-01-21 04:50:36 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2008-01-21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2008-01-21 04:50:31 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2008-01-21 04:50:28 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2008-01-21 04:50:27 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll MOD - [2008-01-21 04:50:25 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll MOD - [2008-01-21 04:50:15 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2008-01-21 04:50:15 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2008-01-21 04:50:11 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\eappprxy.dll MOD - [2008-01-21 04:50:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2008-01-21 04:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2008-01-21 04:50:00 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2008-01-21 04:49:54 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksproxy.ax MOD - [2008-01-21 04:49:49 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2008-01-21 04:49:44 | 000,155,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dssenh.dll MOD - [2008-01-21 04:49:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2008-01-21 04:49:42 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hnetcfg.dll MOD - [2008-01-21 04:49:34 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2008-01-21 04:49:30 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx MOD - [2008-01-21 04:49:12 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2008-01-21 04:49:10 | 000,816,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3dim700.dll MOD - [2008-01-21 04:49:06 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2008-01-21 04:48:57 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll MOD - [2008-01-21 04:48:55 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll MOD - [2008-01-21 04:48:55 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2008-01-21 04:48:43 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2008-01-21 04:48:43 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2008-01-21 04:48:31 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2008-01-21 04:48:26 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnphost.dll MOD - [2008-01-21 04:48:21 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2008-01-21 04:48:15 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2008-01-21 04:48:14 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll MOD - [2008-01-21 04:47:40 | 000,090,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll MOD - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe MOD - [2007-08-02 17:45:12 | 000,054,784 | ---- | M] (Sonic Focus, Inc.) -- C:\Windows\SysWOW64\SFFXComm.dll MOD - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe MOD - [2007-03-19 15:20:14 | 000,327,680 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtlLib.dll MOD - [2007-03-09 14:29:44 | 000,155,648 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\IpLib.dll MOD - [2007-03-09 14:29:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\ASUS WiFi-AP Solo\EnumDevLib.dll MOD - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe MOD - [2006-11-02 17:04:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe MOD - [2006-11-02 17:02:33 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2006-11-02 11:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll MOD - [2006-11-02 11:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tapi32.dll MOD - [2006-11-02 11:46:13 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shimeng.dll MOD - [2006-11-02 11:46:13 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll MOD - [2006-11-02 11:46:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll MOD - [2006-11-02 11:46:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfos.dll MOD - [2006-11-02 11:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2006-11-02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2006-11-02 11:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2006-11-02 11:46:05 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll MOD - [2006-11-02 11:46:05 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Magnification.dll MOD - [2006-11-02 11:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2006-11-02 11:46:03 | 000,149,019 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crtdll.dll MOD - [2006-11-02 11:46:03 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll MOD - [2006-11-02 11:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2006-11-02 11:46:02 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avicap32.dll MOD - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe MOD - [2006-11-02 11:44:49 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vidcap.ax MOD - [2006-11-02 11:42:17 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll MOD - [2006-11-02 10:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:[b]64bit:[/b] - [2007-06-07 07:41:54 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters) SRV - [2012-06-15 19:50:18 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-26 22:55:22 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0) SRV - [2012-03-02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer) SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-03-30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-03-07 01:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr) DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech Webcam C100(UVC) DRV:[b]64bit:[/b] - [2010-10-05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor) DRV:[b]64bit:[/b] - [2009-10-01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:[b]64bit:[/b] - [2009-09-21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid) DRV:[b]64bit:[/b] - [2007-08-29 10:44:38 | 000,435,200 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:[b]64bit:[/b] - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187) DRV:[b]64bit:[/b] - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt) DRV:[b]64bit:[/b] - [2007-02-16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PFC027.SYS -- (PAC207) DRV:[b]64bit:[/b] - [2006-11-01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2006-10-04 03:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64) DRV - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187) DRV - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"]http://search.live.c...ferrer:source?}[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"]http://search.live.c...ferrer:source?}[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url] IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes,DefaultScope = {076D27D0-C78A-4A66-B52A-12D99FFF076C} IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/...Box&FORM=IE8SRC[/url] IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{076D27D0-C78A-4A66-B52A-12D99FFF076C}: "URL" = [url="http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"]http://www.google.pl...age={startPage}[/url] IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-14 20:46:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-26 22:55:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-24 08:52:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-08-17 23:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions [2012-05-02 23:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions [2010-08-20 20:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-05-14 08:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-06-14 20:17:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-04-26 22:55:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010-07-12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-02-21 08:41:53 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-21 08:41:53 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-21 08:41:53 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-21 08:41:53 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-21 08:41:53 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-21 08:41:53 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Szukaj w Google = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\ CHR - Extension: Gmail = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Clownfish] File not found O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} [url="http://www.mks.com.pl/skaner/SkanerOnline.cab"]http://www.mks.com.p...kanerOnline.cab[/url] (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE2FB989-13FA-4066-99BA-709859E0804C}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60D701E-D8B3-4FE9-8AE4-7E775635852B}: DhcpNameServer = 217.30.129.149 217.30.137.200 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) MsConfig:64bit - StartUpFolder: C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - () MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]AdobeAAMUpdater-1.0[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]AdobeCS5ServiceManager[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]AdobeCS6ServiceManager[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]SoundMAXPnP[/b] - hkey= - key= - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) MsConfig:64bit - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - StartUpReg: [b]WinampAgent[/b] - hkey= - key= - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] WinDefend - Service SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] BFE - Service SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] MPSSvc - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] WinDefend - Service SafeBootNet:[b]64bit:[/b] WudfPf - Driver SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: BFE - Service SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: MPSSvc - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - Service SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-06-16 18:21:47 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\otl [2012-06-16 09:20:45 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F18E1112-ACAD-42C3-A8F6-035695150961} [2012-06-15 20:11:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Macromedia [2012-06-15 20:04:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A50B2D25-0621-41FB-BF05-D0F8CC5FEC8C} [2012-06-15 06:55:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3980419D-3125-4E2B-99C9-5DCDDCB7E729} [2012-06-14 21:36:23 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-06-14 21:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-06-14 20:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012-06-14 20:47:43 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012-06-14 20:47:42 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012-06-14 20:47:37 | 000,043,864 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2012-06-14 20:47:36 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012-06-14 20:47:35 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012-06-14 20:47:33 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012-06-14 20:47:33 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012-06-14 20:46:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012-06-14 20:46:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-06-14 20:17:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-06-14 19:25:58 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA% [2012-06-14 18:47:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Malwarebytes [2012-06-14 18:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-06-14 18:46:56 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-06-14 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\PC\DoctorWeb [2012-06-14 07:21:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum [2012-06-14 07:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B [2012-06-13 21:36:36 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Książki do reader eboka FB2 [2012-06-13 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4EDD805B-FF6F-4ACE-A3FF-A2A62ADA47C2} [2012-06-13 21:01:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4586C0FD-7567-4CCC-B40A-899B4AAF9C2F} [2012-06-12 20:32:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA} [2012-06-12 20:32:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C} [2012-06-12 07:22:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7} [2012-06-12 07:21:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1} [2012-06-11 17:29:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E} [2012-06-11 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE} [2012-06-11 06:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\akcesoria do smazalni [2012-06-10 21:59:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B} [2012-06-10 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5} [2012-06-10 19:43:59 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\sklep u Oli czerwiec 2012 [2012-06-10 09:58:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782} [2012-06-10 09:58:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50} [2012-06-09 21:58:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740} [2012-06-09 21:57:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3} [2012-06-09 19:58:45 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\szkolenie Gdańsk 09062012 Z.Kubat [2012-06-08 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Aloes skany [2012-06-08 08:18:55 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Katalog 2011 FLP w jpg [2012-06-08 07:33:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3} [2012-06-08 07:33:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969} [2012-06-07 19:33:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71} [2012-06-07 19:32:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C} [2012-06-06 18:34:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494} [2012-06-06 18:34:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6} [2012-06-06 07:35:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6} [2012-06-05 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309} [2012-06-05 19:34:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC} [2012-06-04 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A} [2012-06-04 20:50:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0} [2012-06-04 05:46:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109} [2012-06-04 05:45:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1} [2012-06-03 16:05:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446} [2012-06-03 16:05:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590} [2012-06-02 07:38:18 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9} [2012-06-02 07:38:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944} [2012-06-01 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Adobe [2012-06-01 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\NVIDIA [2012-06-01 18:42:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39} [2012-06-01 18:42:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3} [2012-05-30 19:05:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C} [2012-05-30 19:05:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326} [2012-05-30 07:05:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC} [2012-05-30 07:05:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA} [2012-05-29 19:04:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E} [2012-05-29 19:04:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777} [2012-05-29 07:04:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B} [2012-05-29 07:03:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0} [2012-05-28 17:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689} [2012-05-28 17:28:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112} [2012-05-27 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A} [2012-05-27 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07} [2012-05-27 10:08:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61} [2012-05-27 10:08:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD} [2012-05-25 21:23:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9} [2012-05-25 21:22:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4} [2012-05-24 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD} [2012-05-24 21:55:58 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D} [2012-05-23 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31} [2012-05-23 21:37:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF} [2012-05-23 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC} [2012-05-23 08:32:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D} [2012-05-22 20:31:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B} [2012-05-22 20:30:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B} [2012-05-22 08:30:26 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61} [2012-05-22 08:30:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7} [2012-05-21 20:29:52 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF} [2012-05-21 20:29:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784} [2012-05-21 08:29:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032} [2012-05-21 08:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C} [2012-05-20 20:28:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9} [2012-05-20 20:28:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089} [2012-05-20 08:12:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2} [2012-05-20 08:12:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7} [2012-05-19 18:02:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B} [2012-05-19 18:01:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4} [2012-05-18 22:28:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{47195980-942F-4C45-83B4-2B877B7F8BA5} [2012-05-18 22:28:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5A3DCE6F-EF82-42C9-9D96-A72E53D6C420} [2012-05-18 07:14:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C6D7CAEB-17AB-4C6D-BAAD-C95BC67A7154} [2012-05-17 07:30:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25AFE33E-F507-40CE-94EC-31EB4E6AB5C2} [2012-05-17 07:29:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C64AB374-DA7B-4215-BA0C-F6FF7689B573} [2012-05-16 19:23:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A672EDEA-A3C2-4829-A1A9-91276AAC570B} [2012-05-16 19:23:21 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B225FFCE-AE41-4D35-83B3-2D07533D8323} [2012-05-16 07:23:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BFF7B9E8-38BC-4C40-8AA7-F60ADE96DE7E} [2012-05-16 07:22:58 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F98C789B-0E48-4C72-9ED7-66F9834645F1} [2012-05-15 19:22:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C91E88B-6005-4B6C-9363-1B647A6E9BE7} [2012-05-15 19:22:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2071076B-5182-4105-8086-52D81A88E69A} [2012-05-15 07:21:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4783D42A-7F8D-45D2-8AD4-217DD6702D7F} [2012-05-15 07:21:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{41F692BC-DEF4-429E-99DB-3F69924B09CA} [2012-05-14 21:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec [2012-05-14 21:43:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec [2012-05-14 21:43:06 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\SelfMV [2012-05-14 19:19:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6ADC3B9-AB90-4DCC-BFBB-0D7443EE38D1} [2012-05-14 19:19:39 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7893E44A-63D1-46BD-B194-6DF422DBEF2F} [2012-05-14 06:18:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A2F390EE-3997-428F-A421-893C294654B5} [2012-05-14 06:18:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{350A2D22-A75E-49B4-B0ED-D6AF8B9FB510} [2012-05-13 18:04:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Temp [2012-05-13 14:51:47 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Samsung [2012-05-13 14:51:42 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\samsung [2012-05-13 14:51:15 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudserd.sys [2012-05-13 14:51:15 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys [2012-05-13 14:51:15 | 000,099,384 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys [2012-05-13 14:48:28 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll [2012-05-13 14:47:51 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll [2012-05-13 14:47:51 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\Windows\SysWow64\drivers\dgderdrv.sys [2012-05-13 14:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny [2012-05-13 14:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2012-05-13 12:40:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EA5F337A-40AC-4FDC-8EC8-9261F88AA002} [2012-05-13 12:40:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{41067B56-F2AC-4A1B-8875-45B2F2B33A5A} [2012-05-12 23:49:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5B072225-2B2D-439E-B7A4-82D4BDF16981} [2012-05-12 23:49:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{829DFE31-7DDF-4FBF-A372-242A8529C83C} [2012-05-12 11:49:21 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{98023137-88EE-4E97-A243-A75CA1FE5579} [2012-05-12 11:49:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F3303A99-EDAF-4C6A-9D25-4413D2380981} [2012-05-11 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{60FFA8FE-E8A6-4B5A-BB33-7F15AE7BDDFC} [2012-05-11 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F4964892-0A5C-44F2-8A16-7194F5059F1B} [2012-05-10 20:48:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{733DC379-9D5A-4204-871A-6C50BB07038C} [2012-05-10 20:48:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7975F704-8DBF-4D71-8EDC-40760119964D} [2012-05-10 06:52:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{211F2F4A-0C2D-4EEE-A92C-FDC49E95D3D1} [2012-05-10 06:52:43 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27D764C3-0095-49B3-80AD-8A77365AEBA8} [2012-05-09 18:52:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9D14EDEF-654D-43C6-8966-75592BF99D47} [2012-05-09 18:52:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7D69A488-1CB9-4E2F-B90F-A963E8717358} [2012-05-08 23:32:47 | 000,000,000 | ---D | C] -- C:\Download [2012-05-08 23:32:33 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\My Videos [2012-05-08 23:32:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Samsung [2012-05-08 23:32:31 | 000,000,000 | ---D | C] -- C:\AllShare [2012-05-08 23:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [2012-05-08 23:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung [2012-05-08 23:12:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Downloaded Installations [2012-05-08 21:33:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{827853F4-1D18-4F84-A21E-A495738D49BB} [2012-05-08 21:33:32 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B4A04DC1-25A6-4C9E-9FAA-D65BD684677D} [2012-05-08 07:13:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F92E5DF2-8432-4A41-8858-6D53F949C2E8} [2012-05-08 07:13:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6F197C5-8A17-452A-8647-E59CBF61975A} [2012-05-07 17:05:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2C9C64A6-8956-4AA5-B664-60AEAD4488C1} [2012-05-07 17:04:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{AF45B0CE-B86A-4D96-9C66-5E5C5FC651A5} [2012-05-06 22:36:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7F9E8483-6AD2-47CF-9D17-39600910DB74} [2012-05-06 22:36:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27F49C0D-38D8-4972-8F08-1930CF0C1E3C} [2012-05-06 10:36:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7ABBC2AA-BA91-44E3-90B7-7DF0FD3EA9C9} [2012-05-06 10:36:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BEF6BE91-BC74-4AE5-A19E-4CFCAF6A11BB} [2012-05-05 11:45:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C0CDA4C6-ACF8-4A92-987D-FEED3EC00C32} [2012-05-05 11:45:28 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{69AC5A75-E1BA-42B7-8E5E-B4D3C36C9CD6} [2012-05-04 23:10:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{96AD2391-AA25-4413-B065-961D8C9A273D} [2012-05-04 23:10:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FDA56231-B918-4C13-9FC0-A863F9AC1A70} [2012-05-04 08:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7136449B-1004-471D-B160-8A09E9600C7D} [2012-05-04 08:13:45 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D2D30E61-D99B-49DC-87A0-ABFB69E99C17} [2012-05-03 19:14:02 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25965452-EAE6-4DB2-934A-36A3BD618B33} [2012-05-03 19:13:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1F2BC59E-17D6-4E30-8501-FB92460BC6EE} [2012-05-03 01:07:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{031298E9-A622-4894-9DAA-803868174CC4} [2012-05-03 01:06:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0AAE535F-2F5F-4E61-9402-61629BA1293E} [2012-05-02 10:56:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F547848D-E476-4A10-8B58-89D366398883} [2012-05-02 10:55:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B7049F98-4706-4A73-9910-5D124D689767} [2012-05-01 22:19:02 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BBA221BF-FD17-401C-9477-C053F5E10E87} [2012-05-01 22:18:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F35E146C-5C1F-48E5-8106-676BACEAC83A} [2012-05-01 10:18:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9AA26027-DA6C-4FB1-BD26-72CDA47F0552} [2012-05-01 10:18:13 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9F470F64-6B63-4E29-8E46-DCA535D8E6B5} [2012-04-30 22:17:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4DFB4711-FF90-4CA7-BF48-B95325F88E7B} [2012-04-30 22:17:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1DF0FB16-86B4-44E3-BC5B-5D81886E9CE0} [2012-04-30 10:17:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0A936CA9-741B-4D9C-96DF-E4F95B7618AA} [2012-04-30 10:17:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{098463D5-4F91-493B-9F00-488AE349DCEB} [2012-04-29 22:16:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D0C07662-2F51-41D2-A769-2AF57F26C76D} [2012-04-29 22:16:29 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{250A1715-3202-4712-BB22-237DE0B03BCF} [2012-04-29 10:16:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{85DA1D67-01A0-4DA7-A8FC-77B1E51D6F55} [2012-04-29 10:15:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BE0028B4-137E-4816-B2D4-2922288ECF22} [2012-04-28 21:02:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DB7D8BA7-4C36-478C-B733-644D82E9BD0A} [2012-04-28 21:02:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{81D4DBA2-679F-4A9A-B144-24D05651BB72} [2012-04-28 09:02:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{83979BAE-99C3-4411-90B4-DFBFE175A296} [2012-04-28 09:02:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C63A6F6F-BB69-424F-8BEC-B272B52CDBB0} [2012-04-27 21:01:36 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1C8C6E0D-106F-4691-BFBE-FED3EBC2AB0E} [2012-04-27 21:01:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C76289E-40C8-45B4-9BC3-AA04792695FE} [2012-04-27 06:43:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{19F2D99C-C09E-4EE0-A31A-F6EAC9878CFC} [2012-04-27 06:42:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E8AFC782-343F-4F0F-8017-EE83A0B17631} [2012-04-26 22:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012-04-26 22:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012-04-26 16:51:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{77DFD756-A1B7-4C8E-8367-CAC0BBDFB710} [2012-04-26 16:51:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{74DFCAE0-AC12-4286-A857-55DBB35FACA6} [2012-04-26 07:05:47 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{94296090-E685-491B-9C2A-FB7444BEFBDA} [2012-04-25 18:46:26 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B392D394-5874-41C6-9963-42DEB9498FEE} [2012-04-25 18:46:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{78011D40-4348-417B-92D4-F3A6F341BFA4} [2012-04-25 06:45:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{223303DA-FB84-4FA7-9B71-F4A430682E47} [2012-04-25 06:45:39 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{8D6E948B-439F-4D84-9166-0DE205F81D5F} [2012-04-24 18:45:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C3AF48B1-13E4-4FF7-859C-5EB5FF915D95} [2012-04-24 18:45:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{90CEC225-8617-4033-915E-F7581589E141} [2012-04-24 06:44:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EFAD63F7-5B71-4520-B719-52C0663F3B12} [2012-04-24 06:44:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C4DF2B45-16B1-44D7-A1E1-3C9E7B582FD9} [2012-04-23 17:02:21 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E12BF02E-536C-49CD-962B-888F1E08DE87} [2012-04-23 17:02:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DC01F7E3-FFAF-4F7F-A851-7315B8F806B6} [2012-04-22 22:14:29 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\klupś cennik [2012-04-22 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD85F0FB-1A15-4A3B-BD62-CEF315F2E572} [2012-04-22 22:08:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2500BFB2-875D-4041-A0C4-80CE3EC4B4A2} [2012-04-22 09:34:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E53CEFAF-2DCD-4775-9CBC-12EABAB853B8} [2012-04-22 09:34:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{91FEFEEA-9D77-4FD0-B530-F52545373E62} [2012-04-21 21:33:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0A4DCC67-901D-40A4-9AA2-5EC06D0E08D0} [2012-04-21 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{40B96F02-9A22-4F5D-8DF7-DE51BA2D8ACE} [2012-04-21 19:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-21 19:55:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-04-21 09:33:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5D5BCAB8-DD4E-49BD-8B53-A26F3AB1C602} [2012-04-21 09:32:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F7DFD4FD-F937-4B1E-8230-36900D4CF32D} [2012-04-20 21:32:29 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5511A564-11B5-408C-B054-5E7A026D0212} [2012-04-20 21:32:18 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9ADDFF17-3C5B-4131-BEB9-28BCB61C554F} [2012-04-20 20:33:13 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DD0C0788-B02D-43AC-8940-FC6F1BE6897D} [2012-04-20 20:06:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6EAB149B-A81C-4F9D-A54E-594CDC16C3B8} [2012-04-20 06:56:28 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{170F7A8C-C359-4BD9-8E7C-4F6CAB8C01D2} [2012-04-20 06:56:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5B14DEC7-8F73-43C6-8678-015B13F9143D} [2012-04-19 20:48:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4B54DDFB-A71C-42A7-AC03-C5B9BB723BB7} [2012-04-19 08:13:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E2025A3D-C587-41EE-8DBF-EB3246D755F5} [2012-04-19 08:13:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{77EA6E16-DA4E-479E-9EC9-2C46D7CDD85F} [2012-04-18 20:13:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E8775926-4568-4AEA-A550-BAE50508F191} [2012-04-18 20:12:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7BD9F8E1-C1C0-4E86-91D3-076E3AB7B6DB} [2012-04-18 08:12:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{CC91A330-A68E-43F6-AF3F-ACEE40F4E35D} [2012-04-18 08:11:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{687EC378-FB19-4376-B782-3D46F9D4FC3B} [2012-04-17 20:11:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6157FDC-DD0C-4451-B018-BA49B053B630} [2012-04-17 20:11:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E73A2B59-9EA1-4EB0-9802-97130FBDE377} [2011-05-06 19:12:30 | 001,233,920 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4.dll [2011-05-06 19:12:30 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4a.dll [2011-04-29 13:53:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4r.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-06-16 18:32:11 | 003,145,728 | -HS- | M] () -- C:\Users\PC\NTUSER.DAT [2012-06-16 18:21:15 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-16 18:13:25 | 001,495,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-06-16 18:13:25 | 000,672,140 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-06-16 18:13:25 | 000,596,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-06-16 18:13:25 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-06-16 18:13:25 | 000,104,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-06-16 18:07:39 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012-06-16 18:07:39 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012-06-16 18:07:17 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-16 18:07:17 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-16 18:07:14 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-06-16 18:07:14 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job [2012-06-16 18:07:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-06-16 18:07:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-16 18:07:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2012-06-16 13:22:31 | 000,524,288 | -HS- | M] () -- C:\Users\PC\NTUSER.DAT{dffff4ff-eabb-11e0-aa0b-001fc60130cb}.TMContainer00000000000000000001.regtrans-ms [2012-06-16 13:22:31 | 000,065,536 | -HS- | M] () -- C:\Users\PC\NTUSER.DAT{dffff4ff-eabb-11e0-aa0b-001fc60130cb}.TM.blf [2012-06-16 13:22:09 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012-06-16 13:07:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-06-16 07:36:39 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2012-06-16 01:54:47 | 001,869,772 | -H-- | M] () -- C:\Users\PC\AppData\Local\IconCache.db [2012-06-16 01:49:26 | 000,030,664 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr [2012-06-16 01:43:42 | 000,011,887 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr [2012-06-15 07:45:49 | 000,138,936 | ---- | M] () -- C:\Users\PC\Desktop\komunikat avast 15062012.jpg [2012-06-14 21:56:50 | 000,145,488 | ---- | M] () -- C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT [2012-06-14 21:55:39 | 005,043,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-06-14 20:47:47 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-06-14 20:47:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-06-14 07:47:05 | 000,001,460 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat [2012-06-13 06:32:49 | 000,023,758 | ---- | M] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr [2012-06-13 06:22:08 | 001,272,603 | ---- | M] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf [2012-06-13 06:07:27 | 000,020,802 | ---- | M] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr [2012-06-12 15:01:37 | 000,100,851 | ---- | M] () -- C:\Users\PC\Desktop\neptun.eps [2012-06-12 07:44:04 | 000,360,136 | ---- | M] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg [2012-06-10 18:38:59 | 000,026,533 | ---- | M] () -- C:\Users\PC\Desktop\Rysunek1.eps [2012-06-05 21:00:34 | 000,138,527 | ---- | M] () -- C:\Users\PC\Desktop\MLM.pdf [2012-06-05 20:22:33 | 001,683,614 | ---- | M] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf [2012-06-05 19:51:35 | 000,088,322 | ---- | M] () -- C:\Users\PC\Desktop\IdCard.pdf [2012-06-03 23:18:48 | 003,701,146 | ---- | M] () -- C:\Users\PC\Desktop\katalog10_2011.pdf [2012-06-03 17:42:32 | 000,076,910 | ---- | M] () -- C:\Windows\FontData.fdb [2012-06-01 20:27:49 | 000,158,208 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-05-21 08:18:41 | 000,415,621 | ---- | M] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf [2012-05-19 18:11:31 | 031,905,004 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav [2012-05-19 18:11:22 | 030,293,864 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav [2012-05-19 18:11:13 | 030,164,498 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav [2012-05-19 18:11:04 | 028,071,220 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav [2012-05-19 18:10:55 | 034,503,940 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav [2012-05-19 18:10:45 | 024,630,268 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav [2012-05-19 18:10:37 | 029,176,696 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav [2012-05-19 18:10:28 | 030,352,674 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav [2012-05-19 18:10:18 | 029,858,750 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav [2012-05-19 18:10:07 | 025,436,984 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav [2012-05-19 18:09:58 | 025,150,056 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav [2012-05-19 18:09:49 | 029,028,496 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav [2012-05-19 18:09:38 | 033,017,480 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav [2012-05-19 18:09:26 | 031,780,338 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav [2012-05-19 18:09:13 | 028,188,830 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav [2012-05-19 18:09:01 | 030,477,322 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav [2012-05-19 18:08:47 | 030,305,640 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav [2012-05-19 18:08:33 | 031,380,502 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav [2012-05-19 18:08:18 | 033,135,086 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav [2012-05-19 18:08:00 | 033,497,290 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav [2012-05-17 20:24:14 | 146,462,955 | ---- | M] () -- C:\Users\PC\Desktop\Radek Jochim17052012A.mp3 [2012-05-17 17:07:26 | 048,822,796 | ---- | M] () -- C:\Users\PC\Desktop\Radek Jochim 17.05.2012.mp3 [2012-05-13 14:51:40 | 000,001,788 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk [2012-05-08 23:32:45 | 000,001,860 | ---- | M] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk [2012-05-03 00:54:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [2012-04-24 22:55:02 | 006,040,819 | ---- | M] () -- C:\Users\PC\Desktop\ProcuctBrochure_Pl.pdf [2012-04-24 22:53:34 | 000,318,163 | ---- | M] () -- C:\Users\PC\Desktop\Cennikdetaliczny2012_04wersjadrugawww.pdf [2012-04-24 22:52:53 | 000,151,363 | ---- | M] () -- C:\Users\PC\Desktop\Cennik_hurtowy_2012_04www.pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-16 13:22:07 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e}\U\00000001.@ [2012-06-16 01:49:25 | 000,030,664 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr [2012-06-16 01:45:08 | 000,100,851 | ---- | C] () -- C:\Users\PC\Desktop\neptun.eps [2012-06-16 01:43:42 | 000,011,887 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr [2012-06-15 07:45:44 | 000,138,936 | ---- | C] () -- C:\Users\PC\Desktop\komunikat avast 15062012.jpg [2012-06-14 21:50:24 | 001,869,772 | -H-- | C] () -- C:\Users\PC\AppData\Local\IconCache.db [2012-06-14 20:47:47 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-06-14 20:47:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012-06-13 06:32:49 | 000,020,802 | ---- | C] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr [2012-06-13 06:22:08 | 001,272,603 | ---- | C] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf [2012-06-13 06:07:27 | 000,023,758 | ---- | C] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr [2012-06-12 07:44:01 | 000,360,136 | ---- | C] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg [2012-06-10 18:38:54 | 000,026,533 | ---- | C] () -- C:\Users\PC\Desktop\Rysunek1.eps [2012-06-05 21:00:34 | 000,138,527 | ---- | C] () -- C:\Users\PC\Desktop\MLM.pdf [2012-06-05 20:22:33 | 001,683,614 | ---- | C] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf [2012-06-05 19:51:35 | 000,088,322 | ---- | C] () -- C:\Users\PC\Desktop\IdCard.pdf [2012-06-03 23:18:48 | 003,701,146 | ---- | C] () -- C:\Users\PC\Desktop\katalog10_2011.pdf [2012-06-01 19:57:45 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2012-06-01 19:57:01 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2012-06-01 19:56:03 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2012-06-01 19:55:59 | 000,001,350 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2012-05-21 08:18:41 | 000,415,621 | ---- | C] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf [2012-05-19 18:11:22 | 031,905,004 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav [2012-05-19 18:11:13 | 030,293,864 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav [2012-05-19 18:11:04 | 030,164,498 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav [2012-05-19 18:10:55 | 028,071,220 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav [2012-05-19 18:10:45 | 034,503,940 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav [2012-05-19 18:10:37 | 024,630,268 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav [2012-05-19 18:10:28 | 029,176,696 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav [2012-05-19 18:10:18 | 030,352,674 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav [2012-05-19 18:10:07 | 029,858,750 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav [2012-05-19 18:09:58 | 025,436,984 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav [2012-05-19 18:09:49 | 025,150,056 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav [2012-05-19 18:09:38 | 029,028,496 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav [2012-05-19 18:09:26 | 033,017,480 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav [2012-05-19 18:09:13 | 031,780,338 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav [2012-05-19 18:09:01 | 028,188,830 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav [2012-05-19 18:08:47 | 030,477,322 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav [2012-05-19 18:08:33 | 030,305,640 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav [2012-05-19 18:08:18 | 031,380,502 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav [2012-05-19 18:08:00 | 033,135,086 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav [2012-05-19 18:07:40 | 033,497,290 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav [2012-05-17 20:18:39 | 146,462,955 | ---- | C] () -- C:\Users\PC\Desktop\Radek Jochim17052012A.mp3 [2012-05-17 20:07:15 | 048,822,796 | ---- | C] () -- C:\Users\PC\Desktop\Radek Jochim 17.05.2012.mp3 [2012-05-13 14:51:40 | 000,001,788 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk [2012-05-08 23:32:45 | 000,001,860 | ---- | C] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk [2012-05-03 00:54:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [2012-04-24 22:55:02 | 006,040,819 | ---- | C] () -- C:\Users\PC\Desktop\ProcuctBrochure_Pl.pdf [2012-04-24 22:53:34 | 000,318,163 | ---- | C] () -- C:\Users\PC\Desktop\Cennikdetaliczny2012_04wersjadrugawww.pdf [2012-04-24 22:52:53 | 000,151,363 | ---- | C] () -- C:\Users\PC\Desktop\Cennik_hurtowy_2012_04www.pdf [2012-01-18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012-01-18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012-01-18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2012-01-11 19:33:16 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e}\@ [2012-01-11 19:33:16 | 000,002,048 | -HS- | C] () -- C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\@ [2011-10-04 19:55:57 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2011-09-18 22:06:48 | 000,001,496 | ---- | C] () -- C:\Users\PC\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2011-03-02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011-03-02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011-03-02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011-03-02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011-03-02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2010-09-21 21:32:00 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-09-09 18:42:58 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4808029583.sys [2010-09-09 18:42:57 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010-08-17 23:42:18 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010-08-17 23:34:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-08-17 12:21:50 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2010-08-17 11:27:38 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2010-08-17 11:27:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010-08-17 11:26:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2010-08-17 10:00:47 | 000,158,208 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-16 17:12:48 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010-08-16 17:12:47 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010-08-16 16:56:43 | 000,000,680 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps.dat [2010-08-16 16:51:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010-08-16 16:34:52 | 000,145,488 | ---- | C] () -- C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT [2010-08-16 16:34:32 | 000,001,460 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat [color=#E56717]========== LOP Check ==========[/color] [2011-03-04 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011-10-07 20:13:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\cryptlib [2011-09-14 08:29:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla [2010-08-17 23:53:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gadu-Gadu 10 [2012-02-16 16:16:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GG [2012-06-16 18:07:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ipla [2011-08-06 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView [2011-10-15 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Leadertech [2010-09-08 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenFM [2010-08-17 10:32:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org [2010-11-16 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\RDRM [2012-05-13 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung [2010-09-09 21:35:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-04-17 07:19:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer [2012-05-14 21:50:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Temp [2011-06-14 23:55:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Thinstall [2012-04-02 23:20:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer [2012-06-16 18:07:14 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job [2012-06-16 13:22:09 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2010-08-16 17:24:00 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2011-04-03 15:11:07 | 000,001,564 | ---- | M] () -- C:\index.htm [2012-05-27 09:48:50 | 000,037,670 | ---- | M] () -- C:\mksbasel.cpp.log [2011-09-08 20:34:16 | 000,921,632 | ---- | M] () -- C:\PA207.DAT [2012-06-16 18:07:07 | 312,668,159 | -HS- | M] () -- C:\pagefile.sys [2012-03-11 18:08:14 | 000,109,056 | ---- | M] () -- C:\ulotka_calosc.doc [2011-08-11 23:16:56 | 000,031,232 | ---- | M] () -- C:\UMOWA AGENCYJNO akwizycyjna.doc [2011-08-13 09:12:35 | 000,030,720 | ---- | M] () -- C:\UMOWA HANDLOWA AMK ROMAR.doc [2012-02-08 15:17:12 | 000,000,162 | -H-- | M] () -- C:\~$aczego warto stosować preparaty na bazie aloesu.dot [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys [2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys [2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-01-21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys [2009-04-11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys [2009-04-11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 04:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys [2009-04-11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys [2009-04-11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-01-21 04:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys [2009-04-11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SysNative\drivers\ndis.sys [2009-04-11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2012-04-04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009-04-11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe [2009-04-11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe [2008-01-21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 64 bytes -> C:\Users\PC\Desktop\SNC02502.mp4:TOC.WMV < End of report > [/log] Extras [log]OTL Extras logfile created on: 2012-06-16 18:25:44 - Run 1 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 51,52% Memory free 8,21 Gb Paging File | 5,92 Gb Available in Paging File | 72,10% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,26 Gb Total Space | 45,40 Gb Free Space | 30,21% Space Free | Partition Type: NTFS Drive D: | 781,25 Gb Total Space | 258,06 Gb Free Space | 33,03% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = 63 A2 6C 66 0C 48 CB 01 [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3427946872-3053539125-2350841564-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [color=#E56717]========== Firewall Settings ==========[/color] [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CCleaner" = CCleaner "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.6.0 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Pen Tablet Driver" = Bamboo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW® Graphics Suite X4 "_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA "{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture "{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw "{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP "{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content "{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters "{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3 - Polish "{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications ® Core - English "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BE686891-3C56-4714-AFEF-341A7867BA80}" = ASUS WiFi-AP Solo "{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications ® Core "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{ED0FB0C1-CD06-4C29-B903-8A91D4BF5B61}_is1" = NexusFile (5.3.1.5460) "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "7-Zip" = 7-Zip 4.65 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Clownfish" = Clownfish for Skype "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "ESET Online Scanner" = ESET Online Scanner v3 "FileZilla Client" = FileZilla Client 3.5.0 "flashFONT" = flashFONT "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Host OpenAL (ADI)" = Host OpenAL (ADI) "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "ipla" = ipla 2.3.5 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.61.0.1400 "Mechanical Clock 3D Screensaver_is1" = Mechanical Clock 3D Screensaver 1.0 "Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "QuicktimeAlt_is1" = QuickTime Alternative 3.1.1 "RealAlt_is1" = Real Alternative 2.0.2 "SkanerOnline" = Skaner on-line mks_vir "TeamViewer 6" = TeamViewer 6 "TeamViewer 7" = TeamViewer 7 "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin "Winamp" = Winamp "WinLiveSuite" = Podstawowe programy Windows Live [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "MyFreeCodec" = MyFreeCodec "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-02-08 02:55:54 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2012-02-08 05:26:24 | Computer Name = PC-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-02-08 05:55:15 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 16b4 Godzina rozpoczęcia: 01cce6468e63c29e Godzina zakończenia: 12 Error - 2012-02-08 06:00:10 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 14c8 Godzina rozpoczęcia: 01cce647c336991e Godzina zakończenia: 11 Error - 2012-02-08 06:05:22 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 1798 Godzina rozpoczęcia: 01cce6487ac5909e Godzina zakończenia: 15 Error - 2012-02-08 09:15:17 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program WINWORD.EXE w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 1e68 Godzina rozpoczęcia: 01cce6638867e7fe Godzina zakończenia: 15 Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk(1).exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest. Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest. Error - 2012-02-08 09:39:01 | Computer Name = PC-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-02-08 09:46:47 | Computer Name = PC-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 2011-02-16 16:35:21 | Computer Name = PC-PC | Source = Media Center Guide | ID = 0 Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.SqmFlushSession failed; Win32 GetLastError returned 0D Proces: DefaultDomain Nazwa obiektu: Media Center Guide [ System Events ] Error - 2012-06-16 06:40:41 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-16 06:40:41 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-16 06:40:41 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-06-16 06:40:41 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023 Description = Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-06-16 12:08:57 | Computer Name = PC-PC | Source = Dhcp | ID = 1001 Description = Komputerowi nie został przypisany adres z sieci (przez serwer DHCP) dla karty sieciowej o adresie 0015AF51B859. Wystąpił następujący błąd: %%1223. Komputer będzie dalej próbował sam uzyskać adres z serwera adresów sieciowych (DHCP). < End of report > [/log] Oraz logi z rsit: info: [log]info.txt logfile of random's system information tool 1.09 2012-06-16 22:13:14 ======Uninstall list====== -->MsiExec /X{8A809006-C25A-4A3A-9DAB-94659BCDB107} -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x9 7-Zip 4.65-->"C:\Program Files (x86)\7-Zip\Uninstall.exe" Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_Plugin.exe -maintain plugin Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}" Adobe Photoshop CS6-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" Adobe Reader 9.3 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001} ASUS WiFi-AP Solo-->C:\Program Files (x86)\InstallShield Installation Information\{BE686891-3C56-4714-AFEF-341A7867BA80}\SETUP.EXE -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x0015 -removeonly avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup CameraHelperMsi-->MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3} Clownfish for Skype-->"C:\Program Files (x86)\Clownfish\uninstall.exe" CorelDRAW Graphics Suite X4 - Capture-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012} CorelDRAW Graphics Suite X4 - Content-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016} CorelDRAW Graphics Suite X4 - Draw-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013} CorelDRAW Graphics Suite X4 - Filters-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017} CorelDRAW Graphics Suite X4 - FontNav-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019} CorelDRAW Graphics SUite X4 - ICA-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010} CorelDRAW Graphics Suite X4 - IPM-->MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A} CorelDRAW Graphics Suite X4 - Lang PL-->MsiExec.exe /I{6834B8AE-D23B-4B26-A919-6515844CF2BA} CorelDRAW Graphics Suite X4 - PP-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014} CorelDRAW Graphics Suite X4 - VBA-->MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181} CorelDRAW Graphics Suite X4-->MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73} CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\Uninst.exe CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10} CorelDRAW(R) Graphics Suite X4-->c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} erLT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe FileZilla Client 3.5.0-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe flashFONT-->C:\Program Files\flashFONT\Odinstaluj.exe Gadu-Gadu 10-->C:\Program Files (x86)\Gadu-Gadu 10\Uninstall.exe Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Host OpenAL (ADI)-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x9 /remove Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B6E073B9-F238-379A-AA45-D323CD308DAE} /parameterfolder Client ipla 2.3.5-->C:\Program Files (x86)\ipla\uninst.exe IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} K-Lite Codec Pack 6.2.0 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" Logitech Webcam Software-->"C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=PLK /guid="{D40EB009-0499-459c-A8AF-C9C110766215}" LWS Facebook-->MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB} LWS Gallery-->MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} LWS Help_main-->MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9} LWS Launcher-->MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6} LWS Motion Detection-->MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA} LWS Pictures And Video-->MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967} LWS Twitter-->MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48} LWS Video Mask Maker-->MsiExec.exe /I{EED027B7-0DB6-404B-8F45-6DFEE34A0441} LWS Webcam Software-->MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189} LWS WLM Plugin-->MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D} LWS YouTube Plugin-->MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} Malwarebytes Anti-Malware wersja 1.61.0.1400-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Mechanical Clock 3D Screensaver 1.0-->"C:\Program Files (x86)\Mechanical Clock 3D Screensaver\unins000.exe" Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} Mozilla Firefox 12.0 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} NexusFile (5.3.1.5460)-->"C:\Program Files (x86)\NexusFile\unins000.exe" NVIDIA PhysX-->MsiExec.exe /X{8A809006-C25A-4A3A-9DAB-94659BCDB107} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask OpenOffice.org 3.2-->MsiExec.exe /I{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4} PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392} PDF Settings CS6-->MsiExec.exe /I{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} PlayReady PC Runtime x86-->MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1} Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383} QuickTime Alternative 3.1.1-->"C:\Program Files (x86)\QuickTime Alternative\unins000.exe" Real Alternative 2.0.2-->"C:\Program Files (x86)\Real Alternative\unins000.exe" Samsung AllShare-->"C:\Program Files (x86)\InstallShield Installation Information\{DF47ACA3-7C78-4C08-8007-AC682563C9F1}\setup.exe" -runfromtemp -l0x0415 -removeonly Samsung AllShare-->MsiExec.exe /I{DF47ACA3-7C78-4C08-8007-AC682563C9F1} Samsung Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {480E8A87-3B8C-3ECE-8CEA-6B2349AE1C1F} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {897A5D64-963A-3C11-A176-F6766BD09D16} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} Skaner on-line mks_vir-->C:\Windows\system32\SkanerOnlineUninstall.exe Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120} Skype™ 5.8-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} SoundMAX-->C:\Program Files (x86)\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x0015 -removeonly TeamViewer 6-->C:\Program Files (x86)\TeamViewer\Version6\uninstall.exe TeamViewer 7-->C:\Program Files (x86)\TeamViewer\Version7\uninstall.exe Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client WebTablet IE Plugin-->"C:\Program Files (x86)\TabletPlugins\ieUninstall.exe" /S WebTablet Netscape Plugin-->"C:\Program Files (x86)\TabletPlugins\npUninstall.exe" /S Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe" Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} ======Security center information====== AS: Windows Defender ======System event log====== Computer Name: PC-PC Event Code: 7036 Message: Usługa Klient DNS weszła w stan uruchomienia. Record Number: 238314 Source Name: Service Control Manager Time Written: 20120210095435.000000-000 Event Type: Informacje User: Computer Name: PC-PC Event Code: 7036 Message: Usługa Izolacja klucza CNG weszła w stan uruchomienia. Record Number: 238313 Source Name: Service Control Manager Time Written: 20120210095435.000000-000 Event Type: Informacje User: Computer Name: PC-PC Event Code: 7036 Message: Usługa Usługa interfejsu magazynu sieciowego weszła w stan uruchomienia. Record Number: 238312 Source Name: Service Control Manager Time Written: 20120210095435.000000-000 Event Type: Informacje User: Computer Name: PC-PC Event Code: 7036 Message: Usługa Pomoc TCP/IP NetBIOS weszła w stan uruchomienia. Record Number: 238311 Source Name: Service Control Manager Time Written: 20120210095435.000000-000 Event Type: Informacje User: Computer Name: PC-PC Event Code: 7036 Message: Usługa Wacom Consumer Touch Service weszła w stan uruchomienia. Record Number: 238310 Source Name: Service Control Manager Time Written: 20120210095435.000000-000 Event Type: Informacje User: =====Application event log===== Computer Name: PC-PC Event Code: 1033 Message: Te zasady są wykluczane, ponieważ są zdefiniowane tylko z atrybutem pozwalającym wyłącznie na zastępowanie. Nazwy=(IIS-W3SVC-MaxConcurrentRequests) (Telnet-Client-EnableTelnetClient) (Telnet-Client-EnableTelnetClient_w) (Telnet-Server-EnableTelnetServer) (Telnet-Server-EnableTelnetServer_w) Identyfikator aplikacji=55c92734-d682-4d71-983e-d6ec3f16059f Identyfikator SKU=f3acdd3c-119a-4932-a3d7-0b6f33a1dca9 Record Number: 14406 Source Name: Microsoft-Windows-Security-Licensing-SLC Time Written: 20110127073839.000000-000 Event Type: Informacje User: Computer Name: PC-PC Event Code: 5617 Message: Windows Management Instrumentation Service subsystems initialized successfully Record Number: 14405 Source Name: Microsoft-Windows-WMI Time Written: 20110127073839.000000-000 Event Type: Informacje User: Computer Name: PC-PC Event Code: 102 Message: Windows (2820) Windows: Aparat bazy danych (6.00.6002.0000) uruchomił nowe wystąpienie (0). Record Number: 14404 Source Name: ESENT Time Written: 20110127073839.000000-000 Event Type: Informacje User: Computer Name: PC-PC Event Code: 5615 Message: Windows Management Instrumentation Service started sucessfully Record Number: 14403 Source Name: Microsoft-Windows-WMI Time Written: 20110127073839.000000-000 Event Type: Informacje User: Computer Name: PC-PC Event Code: 6000 Message: Subskrybent powiadomień usługi winlogon <SessionEnv> był niedostępny i nie mógł obsłużyć zdarzenia powiadamiania. Record Number: 14402 Source Name: Microsoft-Windows-Winlogon Time Written: 20110127073837.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: PC-PC Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 74008 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120115204530.049751-000 Event Type: Sukces inspekcji User: Computer Name: PC-PC Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: PC-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x250 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 74007 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120115204530.049751-000 Event Type: Sukces inspekcji User: Computer Name: PC-PC Event Code: 4648 Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: PC-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Konto, którego poświadczenia zostały użyte: Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Serwer docelowy: Nazwa serwera docelowego: localhost Informacje dodatkowe: localhost Informacje o procesie: Identyfikator procesu: 0x250 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Adres sieciowy: - Port: - To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS. Record Number: 74006 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120115204530.049751-000 Event Type: Sukces inspekcji User: Computer Name: PC-PC Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-21-3427946872-3053539125-2350841564-1000 Nazwa konta: PC Domena konta: PC-PC Identyfikator logowania: 0x243f2 Uprawnienia: SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 74005 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120115204529.629751-000 Event Type: Sukces inspekcji User: Computer Name: PC-PC Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: PC-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 2 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-21-3427946872-3053539125-2350841564-1000 Nazwa konta: PC Domena konta: PC-PC Identyfikator logowania: 0x243f2 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2b4 Nazwa procesu: C:\Windows\System32\winlogon.exe Informacje o sieci: Nazwa stacji roboczej: PC-PC Adres źródłowy sieci: 127.0.0.1 Port źródłowy: 0 Szczegółowe informacje o uwierzytelnianiu: Proces logowania: User32 Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 74004 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120115204529.629751-000 Event Type: Sukces inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\QuickTime Alternative\QTSystem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 11, GenuineIntel "PROCESSOR_REVISION"=0f0b "NUMBER_OF_PROCESSORS"=4 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat "DFSTRACINGON"=FALSE "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ -----------------EOF----------------- [/log] i log [log]Logfile of random's system information tool 1.09 (written by random/random) Run by PC at 2012-06-16 22:13:12 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 46 GB (30%) free of 154 GB Total RAM: 4094 MB (67% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\RtlVistaStart.job =========Mozilla firefox========= ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\hqap91pz.default prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16" "{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.3.300.257 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450] "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In "Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448] "Description"=6.0.12.448 "Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4] "Description"=WebTablet Plugin API "Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5] "Description"=WebTablet Plugin API "Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files (x86)\Mozilla Firefox\plugins\ np-mswmp.dll npwachk.dll WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files (x86)\Mozilla Firefox\searchplugins\ allegro-pl.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\hqap91pz.default\extensions\ {20a82645-c095-46ed-80e3-08825760534b} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik logowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-05-30 4014280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-16 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundTray"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe [2007-08-02 53248] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336] "AllShareAgent"=C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-04-27 3521424] "Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240] "Gadu-Gadu 10"=C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [2011-07-04 13374048] "Clownfish"= [] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552] "KiesHelper"=C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2012-04-27 955280] "KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-05-13 21416] "AdobeBridge"= [] "IPLA!"=C:\Program Files (x86)\ipla\ipla.exe [2012-05-11 19858432] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup ASUS WiFi-AP Solo.lnk - C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HideSCAHealth"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=lvcodec2.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\SysWOW64\Notepad.exe %1 .js - open - C:\Windows\SysWOW64\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-06-16 22:13:12 ----D---- C:\rsit 2012-06-16 22:13:12 ----D---- C:\Program Files (x86)\trend micro 2012-06-14 21:36:23 ----D---- C:\Windows\pss 2012-06-14 20:46:41 ----A---- C:\Windows\avastSS.scr 2012-06-14 20:46:40 ----A---- C:\Windows\SysWOW64\aswBoot.exe 2012-06-14 20:46:09 ----D---- C:\ProgramData\AVAST Software 2012-06-14 20:17:07 ----SHD---- C:\Config.Msi 2012-06-14 18:47:01 ----D---- C:\Users\PC\AppData\Roaming\Malwarebytes 2012-06-14 18:46:56 ----D---- C:\ProgramData\Malwarebytes 2012-06-14 18:46:56 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-06-14 07:17:52 ----D---- C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B 2012-06-12 20:33:13 ----A---- C:\Windows\SysWOW64\wininet.dll 2012-06-12 20:33:13 ----A---- C:\Windows\SysWOW64\urlmon.dll 2012-06-12 20:33:13 ----A---- C:\Windows\SysWOW64\iertutil.dll 2012-06-12 20:33:11 ----A---- C:\Windows\SysWOW64\url.dll 2012-06-12 20:33:11 ----A---- C:\Windows\SysWOW64\mshtml.dll 2012-06-12 20:33:11 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2012-06-12 20:33:10 ----A---- C:\Windows\SysWOW64\ieframe.dll 2012-06-12 20:33:09 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2012-06-12 20:33:08 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2012-06-12 20:33:07 ----A---- C:\Windows\SysWOW64\mstime.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\occache.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\msfeedssync.exe 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\licmgr10.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\ieUnatt.exe 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\ieui.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iesysprep.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iesetup.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iernonce.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iepeers.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iedkcs32.dll 2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\ie4uinit.exe 2012-06-12 20:33:00 ----A---- C:\Windows\SysWOW64\cryptsvc.dll 2012-06-12 20:33:00 ----A---- C:\Windows\SysWOW64\cryptnet.dll 2012-06-12 20:33:00 ----A---- C:\Windows\SysWOW64\crypt32.dll 2012-06-04 05:41:41 ----A---- C:\Windows\dd_vcredistUI5878.txt 2012-06-04 05:41:41 ----A---- C:\Windows\dd_vcredistMSI5878.txt 2012-06-01 19:42:20 ----D---- C:\Users\PC\AppData\Roaming\NVIDIA ======List of files/folders modified in the last 1 month====== 2012-06-16 22:13:12 ----RD---- C:\Program Files (x86) 2012-06-16 22:11:48 ----D---- C:\Windows\Prefetch 2012-06-16 22:09:32 ----D---- C:\Users\PC\AppData\Roaming\Skype 2012-06-16 22:01:46 ----D---- C:\Windows\Temp 2012-06-16 22:01:25 ----D---- C:\Windows\System32 2012-06-16 21:52:53 ----D---- C:\Windows\inf 2012-06-16 21:48:04 ----D---- C:\Users\PC\AppData\Roaming\ipla 2012-06-16 21:46:46 ----D---- C:\ProgramData\NVIDIA 2012-06-16 11:01:18 ----D---- C:\Program Files (x86)\Mozilla Firefox 2012-06-16 08:18:07 ----SHD---- C:\System Volume Information 2012-06-15 20:11:40 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft 2012-06-15 19:50:18 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-06-14 21:36:23 ----D---- C:\Windows 2012-06-14 21:14:38 ----RD---- C:\Program Files 2012-06-14 20:47:33 ----D---- C:\Windows\SysWOW64 2012-06-14 20:47:11 ----SHD---- C:\Windows\Installer 2012-06-14 20:46:09 ----HD---- C:\ProgramData 2012-06-14 20:17:09 ----D---- C:\ProgramData\Skype 2012-06-14 18:50:04 ----A---- C:\Windows\ntbtlog.txt 2012-06-13 20:28:18 ----D---- C:\Windows\rescache 2012-06-13 20:23:06 ----D---- C:\Windows\winsxs 2012-06-13 20:22:20 ----D---- C:\Windows\Microsoft.NET 2012-06-13 20:22:09 ----RSD---- C:\Windows\assembly 2012-06-13 08:32:07 ----D---- C:\Windows\SysWOW64\migration 2012-06-13 08:32:07 ----D---- C:\Program Files (x86)\Internet Explorer 2012-06-13 08:32:06 ----D---- C:\Windows\SysWOW64\pl-PL 2012-06-10 09:15:34 ----D---- C:\Users\PC\AppData\Roaming\Winamp 2012-06-01 20:27:39 ----D---- C:\Users\PC\AppData\Roaming\Adobe 2012-06-01 19:57:58 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2012-06-01 19:56:35 ----RSD---- C:\Windows\Fonts 2012-06-01 19:56:03 ----D---- C:\ProgramData\Adobe 2012-06-01 19:56:03 ----D---- C:\Program Files (x86)\Common Files\Adobe 2012-06-01 19:56:02 ----D---- C:\Program Files (x86)\Adobe 2012-05-25 06:43:33 ----D---- C:\ProgramData\ALLPlayer 2012-05-25 06:43:33 ----D---- C:\Program Files (x86)\NAPI-PROJEKT 2012-05-17 19:56:03 ----D---- C:\ProgramData\ipla ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AswRdr;aswRdr; C:\Windows\SysWOW64\drivers\AswRdr.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-02 25896] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [] R3 LVUVC64;Logitech Webcam C100(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [] R3 RTL8187;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187.sys [2007-04-03 262440] R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [] R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [] R3 yukonx64;Sterownik NDIS6.0 Miniport Driver dla kontrolera Marvell Yukon Ethernet; C:\Windows\system32\DRIVERS\yk60x64.sys [] S3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [] S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [] S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [] S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [] S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [] S3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [] S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936] R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144] R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840] R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2010-10-21 487280] R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-06 136176] S2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856] S2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2010-10-21 5790064] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-15 257224] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-06 136176] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968] S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] -----------------EOF----------------- [/log] Z góry dziękuje za poświęcony czas.
Gość komentarz 17 czerwca 2012 komentarz 17 czerwca 2012 [b]1.[/b] Start > w polu szukania wpisz [b]cmd[/b] > z prawokliku Uruchom jako Administrator. Wklej komendę: [b]sfc /scanfile=C:\Windows\system32\services.exe[/b] Zresetuj system. [b]2.[/b] Start > w polu szukania wpisz [b]cmd[/b] > z prawokliku Uruchom jako Administrator. Wklej komendę: [b]findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfc.txt & start notepad sfc.txt[/b] Otworzy się log, który zachowaj i pokaż na forum.
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 Ok, tak więc udało mi się zrobić skan Drweb do końca ale niestety, problem nadal występuje. Następnie zrobiłem to co mi radziłeś i wrzucam log: [log]2012-06-18 09:37:52, Info CSI 00000006 [SR] Verifying 1 components 2012-06-18 09:37:52, Info CSI 00000007 [SR] Beginning Verify and Repair transaction 2012-06-18 09:37:52, Info CSI 00000009 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store 2012-06-18 09:37:52, Info CSI 0000000b [SR] Verify complete 2012-06-18 09:37:52, Info CSI 0000000c [SR] Repairing 1 components 2012-06-18 09:37:52, Info CSI 0000000d [SR] Beginning Verify and Repair transaction 2012-06-18 09:37:52, Info CSI 0000000f [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store 2012-06-18 09:37:52, Info CSI 00000011 [SR] Repair complete 2012-06-18 09:37:52, Info CSI 00000012 [SR] Committing transaction 2012-06-18 09:37:52, Info CSI 00000016 [SR] Unable to complete Verify and Repair transaction because some of the files that need to be repaired are in use. A reboot is required to complete this operation. 2012-06-18 09:37:52, Info CSI 00000017 [SR] Repairing 1 components 2012-06-18 09:37:52, Info CSI 00000018 [SR] Beginning Verify and Repair transaction 2012-06-18 09:37:52, Info CSI 0000001a [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store 2012-06-18 09:37:53, Info CSI 0000001c [SR] Repair complete [/log] Na potwierdzenie wrzucam jeszcze komunikat z avasta, który tak co jakieś 5 min się pokazuje (avast wywala na raz 3 takie same komunikaty; w prawym dolnym rogu jest właśnie możliwość przewinięcia do następnego i wszystkie trzy są identyczne) [url="http://postimage.org/image/3nfkkf9xn/"][img]http://s17.postimage.org/3nfkkf9xn/skrin.jpg[/img][/url]
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 (edytowane) Otwórz Notatnik i wklej [code]reg delete HKCU\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /f reg add HKLM\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /ve /t REG_SZ /d C:\WINDOWS\system32\wbem\wbemess.dll /f[/code] [b]Z menu Notatnika > Plik > Zapisz jako > Ustaw rozszerzenie na Wszystkie pliki > Zapisz jako FIX.BAT[/b] Plik umieść bezpośrednio na dysku [b]C[/b] [b]Pobierz BlitzBlank[/b] [url="http://download1.emsisoft.com/BlitzBlank.exe"]http://download1.ems.../BlitzBlank.exe[/url] uruchom go i w karcie [b]Script[/b] wklej: [code]DeleteFolder: C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e}\@ C:\Windows\SysNative\%APPDATA% Execute: C:\fix.bat[/code] Klik w [b]Execute Now[/b]. Zatwierdź restart komputera. BlitzBlank wygeneruje na dysku C log z usuwania. [b]3.[/b] Zaprezentuj raport z BlitzBlank
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 BlitzBlank wyrzuca error: "Syntax error in line2, Inwalid folder path" Zrobiłem wcześniej ten plik fix.bat który kazałeś i umieściłem go na dysku c.
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 To wklej do karty Script: [code]DeleteFolder: C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e}\@ Execute: C:\fix.bat[/code]
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 Znów ten sam komunikat: "Syntax error in line 2, Invalid folder path"
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 Pobierz SystemLook http://jpshortstuff.247fixes.com/SystemLook_x64.exe Uruchom i w białe pole wklej [code]:reg HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s :filefind services.exe[/code] kliknij w Look. Przedstaw raport
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 Ok, wrzucam raport: [log]SystemLook 30.07.11 by jpshortstuff Log created at 11:39 on 18/06/2012 by PC Administrator - Elevation successful ========== reg ========== [HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}] (No values found) [HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32] "ThreadingModel"="Both" @="C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\n." [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}] @="Microsoft WBEM New Event Subsystem" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32] @="%systemroot%\system32\wbem\wbemess.dll" "ThreadingModel"="Both" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}] @="MruPidlList" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] @="%SystemRoot%\system32\shell32.dll" "ThreadingModel"="Apartment" ========== filefind ========== Searching for "services.exe" C:\Windows\System32\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] BC81150939BD52DBC7A08C245F1FB229 C:\Windows\SysWOW64\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe --a---- 384512 bytes [02:49 21/01/2008] [02:49 21/01/2008] DFAC660F0F139276CC9299812DE42719 C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3 C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [02:50 21/01/2008] [02:50 21/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B -= EOF =-[/log]
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 1. Wyłacz całkiem Avasta, żeby nie przeszkadzał 2. Uruchom BlitzBlank i wklej [code]DeleteFolder: C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e} Execute: C:\fix.bat [/code] Teraz powinno załapać
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 Ok, teraz dało radę; raport z BlitzBlank: [log] BlitzBlank 1.0.0.32 File/Registry Modification Engine native application MoveDirectoryOnReboot: sourceDirectory = "\??\c:\windows\installer\{c783b5ab-4acb-0500-129b-29439a59045e}", destinationDirectory = "(null)", replaceWithDummy = 0 MoveFileOnReboot: sourceFile = "\??\c:\windows\installer\{c783b5ab-4acb-0500-129b-29439a59045e}\@", destinationFile = "(null)", replaceWithDummy = 0 MoveDirectoryOnReboot: sourceDirectory = "\??\c:\windows\installer\{c783b5ab-4acb-0500-129b-29439a59045e}\L", destinationDirectory = "(null)", replaceWithDummy = 0 MoveDirectoryOnReboot: sourceDirectory = "\??\c:\windows\installer\{c783b5ab-4acb-0500-129b-29439a59045e}\U", destinationDirectory = "(null)", replaceWithDummy = 0 LaunchOnReboot: launchName = "\fix.bat", commandLine = "c:\fix.bat" OpenDriver: ZwLoadDriver(\Registry\Machine\System\CurrentControlSet\Services\blzblk) failed: status = c0000428 LaunchOnReboot: OpenDriver failed: status = c0000428 [/log]
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 Wykonaj nowy skan OTL i przedstaw raport. Ale zrób skan wg tej instrukcji Po uruchomieniu OTL zaznacz wszystkie sekcje na [b]Uzyj filtrowania[/b] Zaznacz [b]Wszyscy użytkownicy[/b] zaznacz infekcja [b]Lop i infekcja Purity[/b] i kliknij w [b]Skanuj[/b] żebyś mi żadnych skryptów nie wklejał
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 Ok, kolejne logi z otl: OTL [log]OTL logfile created on: 2012-06-18 12:09:53 - Run 2 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,35% Memory free 8,21 Gb Paging File | 5,60 Gb Available in Paging File | 68,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,26 Gb Total Space | 49,82 Gb Free Space | 33,16% Space Free | Partition Type: NTFS Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe PRC - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe PRC - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe PRC - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe PRC - [2012-01-19 13:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-15 19:50:17 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll MOD - [2012-06-13 06:46:12 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll MOD - [2012-06-13 05:47:55 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll MOD - [2012-06-13 05:47:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll MOD - [2012-06-13 05:47:36 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll MOD - [2012-06-13 05:47:29 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll MOD - [2012-06-13 05:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.56\gcswf32.dll MOD - [2012-05-13 14:52:15 | 000,115,137 | ---- | M] () -- C:\Users\PC\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll MOD - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2012-05-11 21:21:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll MOD - [2012-05-11 21:20:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll MOD - [2012-05-11 21:20:13 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll MOD - [2012-05-11 16:25:24 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll MOD - [2012-05-11 16:24:42 | 000,386,560 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll MOD - [2012-05-11 16:22:40 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll MOD - [2012-05-11 16:21:52 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll MOD - [2012-05-11 07:31:34 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll MOD - [2012-05-11 07:26:57 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll MOD - [2012-05-11 07:26:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll MOD - [2012-05-11 07:26:50 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll MOD - [2012-05-11 07:26:48 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll MOD - [2012-05-11 07:26:43 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll MOD - [2011-08-12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll MOD - [2011-08-12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll MOD - [2011-08-12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll MOD - [2011-08-12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll MOD - [2011-08-12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll MOD - [2011-07-04 19:46:26 | 000,152,160 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggzip.dll MOD - [2011-07-04 19:46:24 | 000,270,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggwebkit.dll MOD - [2011-07-04 19:46:22 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradiocore.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:20 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradio.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,127,584 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcimproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:14 | 000,086,624 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gghttp.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe MOD - [2011-05-22 19:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,946,688 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libxml2.dll MOD - [2011-02-17 10:59:40 | 000,438,272 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstreamer-0.10.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstinterfaces-0.10.dll MOD - [2011-02-17 10:59:40 | 000,033,098 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\iconv.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2007-03-09 14:29:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\ASUS WiFi-AP Solo\EnumDevLib.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:[b]64bit:[/b] - [2007-06-07 07:41:54 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters) SRV - [2012-06-15 19:50:18 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-26 22:55:22 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0) SRV - [2012-03-02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer) SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-03-30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-01-21 04:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-21 04:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-03-07 01:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr) DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech Webcam C100(UVC) DRV:[b]64bit:[/b] - [2010-10-05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor) DRV:[b]64bit:[/b] - [2009-10-01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:[b]64bit:[/b] - [2009-09-21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid) DRV:[b]64bit:[/b] - [2009-04-11 07:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2007-08-29 10:44:38 | 000,435,200 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:[b]64bit:[/b] - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187) DRV:[b]64bit:[/b] - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt) DRV:[b]64bit:[/b] - [2007-02-16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PFC027.SYS -- (PAC207) DRV:[b]64bit:[/b] - [2006-11-01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2006-10-04 03:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64) DRV - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187) DRV - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes,DefaultScope = {076D27D0-C78A-4A66-B52A-12D99FFF076C} IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{076D27D0-C78A-4A66-B52A-12D99FFF076C}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-14 20:46:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-26 22:55:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-24 08:52:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-08-17 23:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions [2012-05-02 23:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions [2010-08-20 20:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-05-14 08:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-06-14 20:17:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-04-26 22:55:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010-07-12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-02-21 08:41:53 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-21 08:41:53 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-21 08:41:53 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-21 08:41:53 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-21 08:41:53 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-21 08:41:53 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Szukaj w Google = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\ CHR - Extension: Gmail = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Clownfish] File not found O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE2FB989-13FA-4066-99BA-709859E0804C}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60D701E-D8B3-4FE9-8AE4-7E775635852B}: DhcpNameServer = 217.30.129.149 217.30.137.200 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-18 07:55:48 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\foty [2012-06-18 06:59:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{87282A05-CC52-44B4-AE2E-010D5CFEDA3E} [2012-06-17 09:27:43 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E586C701-F058-48CC-A28C-D03D8FD95D73} [2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\rsit [2012-06-16 21:21:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DB9F142A-E3E4-4072-8EC0-6D200B702FE7} [2012-06-16 18:21:47 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\otl [2012-06-16 09:20:45 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F18E1112-ACAD-42C3-A8F6-035695150961} [2012-06-15 20:11:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Macromedia [2012-06-15 20:04:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A50B2D25-0621-41FB-BF05-D0F8CC5FEC8C} [2012-06-15 06:55:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3980419D-3125-4E2B-99C9-5DCDDCB7E729} [2012-06-14 21:36:23 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-06-14 21:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-06-14 20:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012-06-14 20:47:43 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012-06-14 20:47:42 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012-06-14 20:47:37 | 000,043,864 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2012-06-14 20:47:36 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012-06-14 20:47:35 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012-06-14 20:47:33 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012-06-14 20:47:33 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012-06-14 20:46:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012-06-14 20:46:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-06-14 20:17:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-06-14 19:25:58 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA% [2012-06-14 18:47:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Malwarebytes [2012-06-14 18:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-06-14 18:46:56 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-06-14 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\PC\DoctorWeb [2012-06-14 07:21:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum [2012-06-14 07:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B [2012-06-13 21:36:36 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Książki do reader eboka FB2 [2012-06-13 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4EDD805B-FF6F-4ACE-A3FF-A2A62ADA47C2} [2012-06-13 21:01:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4586C0FD-7567-4CCC-B40A-899B4AAF9C2F} [2012-06-12 20:33:11 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-06-12 20:33:09 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012-06-12 20:33:08 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012-06-12 20:33:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-06-12 20:33:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-06-12 20:33:07 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-06-12 20:33:07 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-06-12 20:33:07 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012-06-12 20:33:07 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012-06-12 20:33:07 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012-06-12 20:33:07 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-06-12 20:33:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-06-12 20:33:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-06-12 20:33:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012-06-12 20:33:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012-06-12 20:33:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012-06-12 20:33:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012-06-12 20:33:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012-06-12 20:33:06 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012-06-12 20:33:06 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-06-12 20:33:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-06-12 20:33:06 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012-06-12 20:33:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012-06-12 20:33:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012-06-12 20:33:06 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012-06-12 20:33:06 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012-06-12 20:33:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012-06-12 20:33:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012-06-12 20:33:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012-06-12 20:33:00 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012-06-12 20:33:00 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012-06-12 20:32:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA} [2012-06-12 20:32:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C} [2012-06-12 07:22:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7} [2012-06-12 07:21:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1} [2012-06-11 17:29:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E} [2012-06-11 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE} [2012-06-11 06:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\akcesoria do smazalni [2012-06-10 21:59:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B} [2012-06-10 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5} [2012-06-10 19:43:59 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\sklep u Oli czerwiec 2012 [2012-06-10 09:58:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782} [2012-06-10 09:58:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50} [2012-06-09 21:58:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740} [2012-06-09 21:57:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3} [2012-06-09 19:58:45 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\szkolenie Gdańsk 09062012 Z.Kubat [2012-06-08 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Aloes skany [2012-06-08 08:18:55 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Katalog 2011 FLP w jpg [2012-06-08 07:33:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3} [2012-06-08 07:33:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969} [2012-06-07 19:33:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71} [2012-06-07 19:32:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C} [2012-06-06 18:34:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494} [2012-06-06 18:34:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6} [2012-06-06 07:35:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6} [2012-06-05 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309} [2012-06-05 19:34:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC} [2012-06-04 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A} [2012-06-04 20:50:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0} [2012-06-04 05:46:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109} [2012-06-04 05:45:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1} [2012-06-03 16:05:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446} [2012-06-03 16:05:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590} [2012-06-02 07:38:18 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9} [2012-06-02 07:38:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944} [2012-06-01 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Adobe [2012-06-01 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\NVIDIA [2012-06-01 18:42:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39} [2012-06-01 18:42:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3} [2012-05-30 19:05:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C} [2012-05-30 19:05:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326} [2012-05-30 07:05:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC} [2012-05-30 07:05:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA} [2012-05-29 19:04:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E} [2012-05-29 19:04:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777} [2012-05-29 07:04:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B} [2012-05-29 07:03:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0} [2012-05-28 17:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689} [2012-05-28 17:28:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112} [2012-05-27 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A} [2012-05-27 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07} [2012-05-27 10:08:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61} [2012-05-27 10:08:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD} [2012-05-25 21:23:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9} [2012-05-25 21:22:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4} [2012-05-24 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD} [2012-05-24 21:55:58 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D} [2012-05-23 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31} [2012-05-23 21:37:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF} [2012-05-23 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC} [2012-05-23 08:32:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D} [2012-05-22 20:31:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B} [2012-05-22 20:30:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B} [2012-05-22 08:30:26 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61} [2012-05-22 08:30:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7} [2012-05-21 20:29:52 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF} [2012-05-21 20:29:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784} [2012-05-21 08:29:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032} [2012-05-21 08:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C} [2012-05-20 20:28:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9} [2012-05-20 20:28:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089} [2012-05-20 08:12:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2} [2012-05-20 08:12:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7} [2012-05-19 18:02:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B} [2012-05-19 18:01:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4} [2011-05-06 19:12:30 | 001,233,920 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4.dll [2011-05-06 19:12:30 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4a.dll [2011-04-29 13:53:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4r.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-18 12:07:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-06-18 12:03:26 | 001,495,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-06-18 12:03:26 | 000,672,140 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-06-18 12:03:26 | 000,596,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-06-18 12:03:26 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-06-18 12:03:26 | 000,104,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-06-18 11:57:29 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012-06-18 11:57:28 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012-06-18 11:57:13 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-18 11:57:13 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-18 11:57:11 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-06-18 11:57:11 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job [2012-06-18 11:57:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-18 11:55:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2012-06-18 11:54:41 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012-06-18 11:44:03 | 000,029,335 | ---- | M] () -- C:\Users\PC\Desktop\skrin3.jpg [2012-06-18 11:41:27 | 000,030,166 | ---- | M] () -- C:\Users\PC\Desktop\skrin2.jpg [2012-06-18 11:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-18 11:10:11 | 000,000,230 | ---- | M] () -- C:\fix.BAT [2012-06-18 06:43:37 | 000,574,179 | ---- | M] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg [2012-06-18 06:29:37 | 000,000,680 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps.dat [2012-06-16 07:36:39 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2012-06-16 01:49:26 | 000,030,664 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr [2012-06-16 01:43:42 | 000,011,887 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr [2012-06-15 19:50:18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-06-15 19:50:18 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-06-14 21:55:39 | 005,043,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-06-14 20:47:47 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-06-14 20:47:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-06-14 07:47:05 | 000,001,460 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat [2012-06-13 06:32:49 | 000,023,758 | ---- | M] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr [2012-06-13 06:22:08 | 001,272,603 | ---- | M] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf [2012-06-13 06:07:27 | 000,020,802 | ---- | M] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr [2012-06-12 15:01:37 | 000,100,851 | ---- | M] () -- C:\Users\PC\Desktop\neptun.eps [2012-06-12 07:44:04 | 000,360,136 | ---- | M] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg [2012-06-10 18:38:59 | 000,026,533 | ---- | M] () -- C:\Users\PC\Desktop\Rysunek1.eps [2012-06-05 21:00:34 | 000,138,527 | ---- | M] () -- C:\Users\PC\Desktop\MLM.pdf [2012-06-05 20:22:33 | 001,683,614 | ---- | M] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf [2012-06-05 19:51:35 | 000,088,322 | ---- | M] () -- C:\Users\PC\Desktop\IdCard.pdf [2012-06-03 23:18:48 | 003,701,146 | ---- | M] () -- C:\Users\PC\Desktop\katalog10_2011.pdf [2012-06-03 17:42:32 | 000,076,910 | ---- | M] () -- C:\Windows\FontData.fdb [2012-06-01 20:27:49 | 000,158,208 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-05-21 08:18:41 | 000,415,621 | ---- | M] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf [2012-05-19 18:11:31 | 031,905,004 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav [2012-05-19 18:11:22 | 030,293,864 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav [2012-05-19 18:11:13 | 030,164,498 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav [2012-05-19 18:11:04 | 028,071,220 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav [2012-05-19 18:10:55 | 034,503,940 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav [2012-05-19 18:10:45 | 024,630,268 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav [2012-05-19 18:10:37 | 029,176,696 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav [2012-05-19 18:10:28 | 030,352,674 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav [2012-05-19 18:10:18 | 029,858,750 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav [2012-05-19 18:10:07 | 025,436,984 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav [2012-05-19 18:09:58 | 025,150,056 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav [2012-05-19 18:09:49 | 029,028,496 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav [2012-05-19 18:09:38 | 033,017,480 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav [2012-05-19 18:09:26 | 031,780,338 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav [2012-05-19 18:09:13 | 028,188,830 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav [2012-05-19 18:09:01 | 030,477,322 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav [2012-05-19 18:08:47 | 030,305,640 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav [2012-05-19 18:08:33 | 031,380,502 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav [2012-05-19 18:08:18 | 033,135,086 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav [2012-05-19 18:08:00 | 033,497,290 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-18 11:44:03 | 000,029,335 | ---- | C] () -- C:\Users\PC\Desktop\skrin3.jpg [2012-06-18 11:41:27 | 000,030,166 | ---- | C] () -- C:\Users\PC\Desktop\skrin2.jpg [2012-06-18 11:10:10 | 000,000,230 | ---- | C] () -- C:\fix.BAT [2012-06-18 06:43:35 | 000,574,179 | ---- | C] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg [2012-06-16 01:49:25 | 000,030,664 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr [2012-06-16 01:45:08 | 000,100,851 | ---- | C] () -- C:\Users\PC\Desktop\neptun.eps [2012-06-16 01:43:42 | 000,011,887 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr [2012-06-14 20:47:47 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-06-14 20:47:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012-06-13 06:32:49 | 000,020,802 | ---- | C] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr [2012-06-13 06:22:08 | 001,272,603 | ---- | C] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf [2012-06-13 06:07:27 | 000,023,758 | ---- | C] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr [2012-06-12 07:44:01 | 000,360,136 | ---- | C] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg [2012-06-10 18:38:54 | 000,026,533 | ---- | C] () -- C:\Users\PC\Desktop\Rysunek1.eps [2012-06-05 21:00:34 | 000,138,527 | ---- | C] () -- C:\Users\PC\Desktop\MLM.pdf [2012-06-05 20:22:33 | 001,683,614 | ---- | C] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf [2012-06-05 19:51:35 | 000,088,322 | ---- | C] () -- C:\Users\PC\Desktop\IdCard.pdf [2012-06-03 23:18:48 | 003,701,146 | ---- | C] () -- C:\Users\PC\Desktop\katalog10_2011.pdf [2012-06-01 19:57:45 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2012-06-01 19:57:01 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2012-06-01 19:56:03 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2012-06-01 19:55:59 | 000,001,350 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2012-05-21 08:18:41 | 000,415,621 | ---- | C] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf [2012-05-19 18:11:22 | 031,905,004 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav [2012-05-19 18:11:13 | 030,293,864 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav [2012-05-19 18:11:04 | 030,164,498 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav [2012-05-19 18:10:55 | 028,071,220 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav [2012-05-19 18:10:45 | 034,503,940 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav [2012-05-19 18:10:37 | 024,630,268 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav [2012-05-19 18:10:28 | 029,176,696 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav [2012-05-19 18:10:18 | 030,352,674 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav [2012-05-19 18:10:07 | 029,858,750 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav [2012-05-19 18:09:58 | 025,436,984 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav [2012-05-19 18:09:49 | 025,150,056 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav [2012-05-19 18:09:38 | 029,028,496 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav [2012-05-19 18:09:26 | 033,017,480 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav [2012-05-19 18:09:13 | 031,780,338 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav [2012-05-19 18:09:01 | 028,188,830 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav [2012-05-19 18:08:47 | 030,477,322 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav [2012-05-19 18:08:33 | 030,305,640 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav [2012-05-19 18:08:18 | 031,380,502 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav [2012-05-19 18:08:00 | 033,135,086 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav [2012-05-19 18:07:40 | 033,497,290 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav [2012-01-18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012-01-18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012-01-18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2012-01-11 19:33:16 | 000,002,048 | -HS- | C] () -- C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\@ [2011-10-04 19:55:57 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2011-09-18 22:06:48 | 000,001,496 | ---- | C] () -- C:\Users\PC\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2011-03-02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011-03-02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011-03-02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011-03-02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011-03-02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2010-09-21 21:32:00 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-09-09 18:42:58 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4808029583.sys [2010-09-09 18:42:57 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010-08-17 23:42:18 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010-08-17 23:34:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-08-17 12:21:50 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2010-08-17 11:27:38 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2010-08-17 11:27:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010-08-17 11:26:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2010-08-17 10:00:47 | 000,158,208 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-16 17:12:48 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010-08-16 17:12:47 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010-08-16 16:56:43 | 000,000,680 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps.dat [2010-08-16 16:51:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010-08-16 16:34:32 | 000,001,460 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat [color=#E56717]========== LOP Check ==========[/color] [2011-03-04 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011-10-07 20:13:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\cryptlib [2011-09-14 08:29:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla [2010-08-17 23:53:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gadu-Gadu 10 [2012-02-16 16:16:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GG [2012-06-18 11:57:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ipla [2011-08-06 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView [2011-10-15 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Leadertech [2010-09-08 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenFM [2010-08-17 10:32:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org [2010-11-16 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\RDRM [2012-05-13 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung [2010-09-09 21:35:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-04-17 07:19:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer [2012-05-14 21:50:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Temp [2011-06-14 23:55:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Thinstall [2012-04-02 23:20:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer [2012-06-18 11:57:11 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job [2012-06-18 11:54:42 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 64 bytes -> C:\Users\PC\Desktop\SNC02502.mp4:TOC.WMV < End of report > [/log] Extras [log]OTL Extras logfile created on: 2012-06-18 12:09:53 - Run 2 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,35% Memory free 8,21 Gb Paging File | 5,60 Gb Available in Paging File | 68,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,26 Gb Total Space | 49,82 Gb Free Space | 33,16% Space Free | Partition Type: NTFS Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = 63 A2 6C 66 0C 48 CB 01 [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3427946872-3053539125-2350841564-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [color=#E56717]========== Firewall Settings ==========[/color] [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CCleaner" = CCleaner "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.6.0 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Pen Tablet Driver" = Bamboo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4 "_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA "{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture "{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw "{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP "{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content "{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters "{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3 - Polish "{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BE686891-3C56-4714-AFEF-341A7867BA80}" = ASUS WiFi-AP Solo "{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{ED0FB0C1-CD06-4C29-B903-8A91D4BF5B61}_is1" = NexusFile (5.3.1.5460) "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "7-Zip" = 7-Zip 4.65 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Clownfish" = Clownfish for Skype "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "ESET Online Scanner" = ESET Online Scanner v3 "FileZilla Client" = FileZilla Client 3.5.0 "flashFONT" = flashFONT "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Host OpenAL (ADI)" = Host OpenAL (ADI) "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "ipla" = ipla 2.3.5 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.61.0.1400 "Mechanical Clock 3D Screensaver_is1" = Mechanical Clock 3D Screensaver 1.0 "Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "QuicktimeAlt_is1" = QuickTime Alternative 3.1.1 "RealAlt_is1" = Real Alternative 2.0.2 "SkanerOnline" = Skaner on-line mks_vir "TeamViewer 6" = TeamViewer 6 "TeamViewer 7" = TeamViewer 7 "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin "Winamp" = Winamp "WinLiveSuite" = Podstawowe programy Windows Live [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "MyFreeCodec" = MyFreeCodec "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-02-08 02:55:53 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2012-02-08 02:55:54 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2012-02-08 05:26:24 | Computer Name = PC-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-02-08 05:55:15 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 16b4 Godzina rozpoczęcia: 01cce6468e63c29e Godzina zakończenia: 12 Error - 2012-02-08 06:00:10 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 14c8 Godzina rozpoczęcia: 01cce647c336991e Godzina zakończenia: 11 Error - 2012-02-08 06:05:22 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 1798 Godzina rozpoczęcia: 01cce6487ac5909e Godzina zakończenia: 15 Error - 2012-02-08 09:15:17 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program WINWORD.EXE w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 1e68 Godzina rozpoczęcia: 01cce6638867e7fe Godzina zakończenia: 15 Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk(1).exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest. Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest. Error - 2012-02-08 09:39:01 | Computer Name = PC-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 2011-02-16 16:35:21 | Computer Name = PC-PC | Source = Media Center Guide | ID = 0 Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.SqmFlushSession failed; Win32 GetLastError returned 0D Proces: DefaultDomain Nazwa obiektu: Media Center Guide [ System Events ] Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023 Description = Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023 Description = Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000 Description = < End of report > [/log]
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 (edytowane) Uruchom OTL i w oknie [b]Własne opcje skanowania /skrypt[/b] wklej [code]:OTL O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Clownfish] File not found :Files C:\Users\PC\AppData\Local\{87282A05-CC52-44B4-AE2E-010D5CFEDA3E} C:\Users\PC\AppData\Local\{E586C701-F058-48CC-A28C-D03D8FD95D73} C:\Users\PC\AppData\Local\{DB9F142A-E3E4-4072-8EC0-6D200B702FE7} C:\Users\PC\AppData\Local\{F18E1112-ACAD-42C3-A8F6-035695150961} C:\Users\PC\AppData\Local\{A50B2D25-0621-41FB-BF05-D0F8CC5FEC8C} C:\Users\PC\AppData\Local\{3980419D-3125-4E2B-99C9-5DCDDCB7E729} C:\Users\PC\AppData\Local\{4EDD805B-FF6F-4ACE-A3FF-A2A62ADA47C2} C:\Users\PC\AppData\Local\{4586C0FD-7567-4CCC-B40A-899B4AAF9C2F} C:\Windows\SysNative\%APPDATA% C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B :Commands [emptytemp][/code] Kliknij w [b]Wykonaj skrypt.[/b] Po usuwaniu OTL wygeneruje log. Zapisz go i przedstaw Robisz nowy skan OTL i przedstwaiasz raport. Log [b]Extras juz nie potrzebny[/b]
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 Raport po wykonanym skrypcie: [log]All processes killed ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully. Registry value HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Clownfish deleted successfully. ========== FILES ========== C:\Users\PC\AppData\Local\{87282A05-CC52-44B4-AE2E-010D5CFEDA3E} folder moved successfully. C:\Users\PC\AppData\Local\{E586C701-F058-48CC-A28C-D03D8FD95D73} folder moved successfully. C:\Users\PC\AppData\Local\{DB9F142A-E3E4-4072-8EC0-6D200B702FE7} folder moved successfully. C:\Users\PC\AppData\Local\{F18E1112-ACAD-42C3-A8F6-035695150961} folder moved successfully. C:\Users\PC\AppData\Local\{A50B2D25-0621-41FB-BF05-D0F8CC5FEC8C} folder moved successfully. C:\Users\PC\AppData\Local\{3980419D-3125-4E2B-99C9-5DCDDCB7E729} folder moved successfully. C:\Users\PC\AppData\Local\{4EDD805B-FF6F-4ACE-A3FF-A2A62ADA47C2} folder moved successfully. C:\Users\PC\AppData\Local\{4586C0FD-7567-4CCC-B40A-899B4AAF9C2F} folder moved successfully. C:\Windows\SysNative\%APPDATA%\Microsoft\Windows\IETldCache folder moved successfully. C:\Windows\SysNative\%APPDATA%\Microsoft\Windows folder moved successfully. C:\Windows\SysNative\%APPDATA%\Microsoft folder moved successfully. Folder move failed. C:\Windows\SysNative\%APPDATA% scheduled to be moved on reboot. C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 2786068 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: PC ->Temp folder emptied: 5703324167 bytes ->Temporary Internet Files folder emptied: 125146533 bytes ->Java cache emptied: 36191274 bytes ->FireFox cache emptied: 437125394 bytes ->Google Chrome cache emptied: 378941692 bytes ->Flash cache emptied: 167035 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 22656603790 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 2490161 bytes RecycleBin emptied: 2632070257 bytes Total Files Cleaned = 30 494,00 mb OTL by OldTimer - Version 3.2.49.0 log created on 06182012_163701 Files\Folders moved on Reboot... Folder move failed. C:\Windows\SysNative\%APPDATA% scheduled to be moved on reboot. File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... [/log] Log z otl: otl [log]OTL logfile created on: 2012-06-18 17:07:58 - Run 3 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 37,68% Memory free 8,21 Gb Paging File | 5,40 Gb Available in Paging File | 65,81% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,26 Gb Total Space | 79,31 Gb Free Space | 52,78% Space Free | Partition Type: NTFS Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe PRC - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe PRC - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe PRC - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe PRC - [2012-01-19 13:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe PRC - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-18 17:04:26 | 000,115,137 | ---- | M] () -- C:\Users\PC\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll MOD - [2012-06-15 19:50:17 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll MOD - [2012-06-13 06:46:12 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll MOD - [2012-06-13 05:47:55 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll MOD - [2012-06-13 05:47:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll MOD - [2012-06-13 05:47:36 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll MOD - [2012-06-13 05:47:29 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll MOD - [2012-06-13 05:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.56\gcswf32.dll MOD - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2012-05-11 21:21:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll MOD - [2012-05-11 21:20:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll MOD - [2012-05-11 21:20:13 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll MOD - [2012-05-11 16:25:24 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll MOD - [2012-05-11 16:24:42 | 000,386,560 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll MOD - [2012-05-11 16:22:40 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll MOD - [2012-05-11 16:21:52 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll MOD - [2012-05-11 07:31:34 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll MOD - [2012-05-11 07:26:57 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll MOD - [2012-05-11 07:26:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll MOD - [2012-05-11 07:26:50 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll MOD - [2012-05-11 07:26:48 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll MOD - [2012-05-11 07:26:43 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll MOD - [2011-08-12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll MOD - [2011-08-12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll MOD - [2011-08-12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll MOD - [2011-08-12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll MOD - [2011-08-12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll MOD - [2011-07-04 19:46:26 | 000,152,160 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggzip.dll MOD - [2011-07-04 19:46:24 | 000,270,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggwebkit.dll MOD - [2011-07-04 19:46:22 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradiocore.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:20 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradio.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,127,584 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcimproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:14 | 000,086,624 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gghttp.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,946,688 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libxml2.dll MOD - [2011-02-17 10:59:40 | 000,438,272 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstreamer-0.10.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstinterfaces-0.10.dll MOD - [2011-02-17 10:59:40 | 000,033,098 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\iconv.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2007-03-09 14:29:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\ASUS WiFi-AP Solo\EnumDevLib.dll [color=#E56717]========== Win32 Services (All) ==========[/color] SRV:[b]64bit:[/b] - [2012-04-23 18:25:30 | 000,174,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc) SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2011-11-16 18:43:13 | 000,442,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc) SRV:[b]64bit:[/b] - [2011-11-16 16:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs) SRV:[b]64bit:[/b] - [2011-11-16 16:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage) SRV:[b]64bit:[/b] - [2011-11-16 16:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon) SRV:[b]64bit:[/b] - [2011-11-16 16:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso) SRV:[b]64bit:[/b] - [2011-03-28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV:[b]64bit:[/b] - [2011-03-02 18:12:21 | 000,117,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache) SRV:[b]64bit:[/b] - [2011-02-22 15:53:27 | 001,149,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache) SRV:[b]64bit:[/b] - [2010-11-06 13:18:13 | 000,855,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule) SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:[b]64bit:[/b] - [2010-09-06 20:28:38 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer) SRV:[b]64bit:[/b] - [2010-08-17 16:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler) SRV:[b]64bit:[/b] - [2010-07-09 16:17:18 | 000,159,336 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\SysNative\nvvsvc.exe -- (nvsvc) SRV:[b]64bit:[/b] - [2009-10-09 23:36:09 | 002,050,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM) SRV:[b]64bit:[/b] - [2009-10-09 23:34:39 | 000,232,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc) SRV:[b]64bit:[/b] - [2009-10-01 02:51:40 | 000,107,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum) SRV:[b]64bit:[/b] - [2009-08-07 04:24:17 | 002,424,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv) SRV:[b]64bit:[/b] - [2009-07-11 21:11:20 | 000,615,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc) SRV:[b]64bit:[/b] - [2009-07-10 13:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (Themes) SRV:[b]64bit:[/b] - [2009-07-10 13:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection) SRV:[b]64bit:[/b] - [2009-06-10 13:53:17 | 000,203,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation) SRV:[b]64bit:[/b] - [2009-04-11 09:11:29 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt) SRV:[b]64bit:[/b] - [2009-04-11 09:11:28 | 001,491,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (Eventlog) SRV:[b]64bit:[/b] - [2009-04-11 09:11:28 | 000,581,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:28 | 000,572,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:28 | 000,218,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\webclnt.dll -- (WebClient) SRV:[b]64bit:[/b] - [2009-04-11 09:11:27 | 000,372,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\w32time.dll -- (W32Time) SRV:[b]64bit:[/b] - [2009-04-11 09:11:27 | 000,313,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay) SRV:[b]64bit:[/b] - [2009-04-11 09:11:27 | 000,032,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms) SRV:[b]64bit:[/b] - [2009-04-11 09:11:26 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain) SRV:[b]64bit:[/b] - [2009-04-11 09:11:26 | 000,547,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\termsrv.dll -- (TermService) SRV:[b]64bit:[/b] - [2009-04-11 09:11:26 | 000,480,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv) SRV:[b]64bit:[/b] - [2009-04-11 09:11:26 | 000,318,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv) SRV:[b]64bit:[/b] - [2009-04-11 09:11:24 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SLUINotify.dll -- (SLUINotify) SRV:[b]64bit:[/b] - [2009-04-11 09:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs) SRV:[b]64bit:[/b] - [2009-04-11 09:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch) SRV:[b]64bit:[/b] - [2009-04-11 09:11:23 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry) SRV:[b]64bit:[/b] - [2009-04-11 09:11:23 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr) SRV:[b]64bit:[/b] - [2009-04-11 09:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS) SRV:[b]64bit:[/b] - [2009-04-11 09:11:22 | 000,409,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qagentRT.dll -- (napagent) SRV:[b]64bit:[/b] - [2009-04-11 09:11:22 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan) SRV:[b]64bit:[/b] - [2009-04-11 09:11:22 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPsvc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPAutoReg) SRV:[b]64bit:[/b] - [2009-04-11 09:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2pimsvc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:15 | 000,719,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:15 | 000,533,504 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipsecsvc.dll -- (PolicyAgent) SRV:[b]64bit:[/b] - [2009-04-11 09:11:15 | 000,454,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ikeext.dll -- (IKEEXT) SRV:[b]64bit:[/b] - [2009-04-11 09:11:15 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv) SRV:[b]64bit:[/b] - [2009-04-11 09:11:14 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\emdmgmt.dll -- (EMDMgmt) SRV:[b]64bit:[/b] - [2009-04-11 09:11:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem) SRV:[b]64bit:[/b] - [2009-04-11 09:11:14 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcsvc.dll -- (Dhcp) SRV:[b]64bit:[/b] - [2009-04-11 09:11:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioSrv) SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (BthServ) SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc) SRV:[b]64bit:[/b] - [2009-04-11 09:11:10 | 000,209,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv) SRV:[b]64bit:[/b] - [2009-04-11 09:11:03 | 001,433,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vssvc.exe -- (VSS) SRV:[b]64bit:[/b] - [2009-04-11 09:11:00 | 000,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds) SRV:[b]64bit:[/b] - [2009-04-11 09:10:50 | 000,597,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch) SRV:[b]64bit:[/b] - [2009-04-11 09:10:35 | 002,582,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SLsvc.exe -- (slsvc) SRV:[b]64bit:[/b] - [2009-04-11 09:10:29 | 000,125,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver) SRV:[b]64bit:[/b] - [2009-04-11 09:10:08 | 003,433,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DFSR.exe -- (DFSR) SRV:[b]64bit:[/b] - [2008-01-21 04:52:15 | 001,216,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV:[b]64bit:[/b] - [2008-01-21 04:52:00 | 000,173,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc) SRV:[b]64bit:[/b] - [2008-01-21 04:51:33 | 000,067,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc) SRV:[b]64bit:[/b] - [2008-01-21 04:51:19 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc) SRV:[b]64bit:[/b] - [2008-01-21 04:51:16 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect) SRV:[b]64bit:[/b] - [2008-01-21 04:51:03 | 000,117,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks) SRV:[b]64bit:[/b] - [2008-01-21 04:51:01 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\upnphost.dll -- (upnphost) SRV:[b]64bit:[/b] - [2008-01-21 04:50:59 | 001,373,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla) SRV:[b]64bit:[/b] - [2008-01-21 04:50:34 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI) SRV:[b]64bit:[/b] - [2008-01-21 04:50:27 | 000,206,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc) SRV:[b]64bit:[/b] - [2008-01-21 04:50:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost) SRV:[b]64bit:[/b] - [2008-01-21 04:50:14 | 000,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc) SRV:[b]64bit:[/b] - [2008-01-21 04:50:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc) SRV:[b]64bit:[/b] - [2008-01-21 04:50:06 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts) SRV:[b]64bit:[/b] - [2008-01-21 04:49:59 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sessenv.dll -- (SessionEnv) SRV:[b]64bit:[/b] - [2008-01-21 04:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER) SRV:[b]64bit:[/b] - [2008-01-21 04:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS) SRV:[b]64bit:[/b] - [2008-01-21 04:49:46 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV) SRV:[b]64bit:[/b] - [2008-01-21 04:49:42 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi) SRV:[b]64bit:[/b] - [2008-01-21 04:49:33 | 000,061,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sens.dll -- (SENS) SRV:[b]64bit:[/b] - [2008-01-21 04:49:15 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost) SRV:[b]64bit:[/b] - [2008-01-21 04:49:15 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost) SRV:[b]64bit:[/b] - [2008-01-21 04:49:11 | 000,103,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser) SRV:[b]64bit:[/b] - [2008-01-21 04:49:09 | 000,139,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS) SRV:[b]64bit:[/b] - [2008-01-21 04:49:09 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon) SRV:[b]64bit:[/b] - [2008-01-21 04:49:04 | 000,086,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\kmsvc.dll -- (hkmsvc) SRV:[b]64bit:[/b] - [2008-01-21 04:49:02 | 000,120,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WerSvc.dll -- (WerSvc) SRV:[b]64bit:[/b] - [2008-01-21 04:49:02 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS) SRV:[b]64bit:[/b] - [2008-01-21 04:48:40 | 000,304,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm) SRV:[b]64bit:[/b] - [2008-01-21 04:48:29 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost) SRV:[b]64bit:[/b] - [2008-01-21 04:48:26 | 000,088,064 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess) SRV:[b]64bit:[/b] - [2008-01-21 04:48:24 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto) SRV:[b]64bit:[/b] - [2008-01-21 04:48:21 | 000,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipbusenum.dll -- (IPBusEnum) SRV:[b]64bit:[/b] - [2008-01-21 04:48:19 | 000,395,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm) SRV:[b]64bit:[/b] - [2008-01-21 04:48:19 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC) SRV:[b]64bit:[/b] - [2008-01-21 04:48:17 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo) SRV:[b]64bit:[/b] - [2008-01-21 04:48:16 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG) SRV:[b]64bit:[/b] - [2008-01-21 04:48:10 | 000,348,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman) SRV:[b]64bit:[/b] - [2008-01-21 04:47:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc) SRV:[b]64bit:[/b] - [2008-01-21 04:47:30 | 000,284,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE) SRV:[b]64bit:[/b] - [2008-01-21 04:47:28 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SDRSVC.dll -- (SDRSVC) SRV:[b]64bit:[/b] - [2007-06-07 07:41:54 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters) SRV:[b]64bit:[/b] - [2006-11-02 17:03:19 | 000,084,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService) SRV:[b]64bit:[/b] - [2006-11-02 13:19:10 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport) SRV:[b]64bit:[/b] - [2006-11-02 13:19:10 | 000,039,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService) SRV:[b]64bit:[/b] - [2006-11-02 13:17:22 | 000,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\fdrespub.dll -- (FDResPub) SRV:[b]64bit:[/b] - [2006-11-02 13:16:28 | 000,026,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc) SRV:[b]64bit:[/b] - [2006-11-02 13:16:12 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP) SRV:[b]64bit:[/b] - [2006-11-02 13:15:56 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\locator.exe -- (RpcLocator) SRV:[b]64bit:[/b] - [2006-11-02 13:15:49 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp) SRV - [2012-06-15 19:50:18 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-26 22:55:22 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-04-23 18:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc) SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0) SRV - [2012-03-02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer) SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010-09-06 22:38:14 | 000,136,176 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem) Usługa Google Update (gupdatem) SRV - [2010-09-06 22:38:14 | 000,136,176 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate) SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-03-18 15:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010-03-18 15:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-10-09 23:56:18 | 001,181,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM) SRV - [2009-07-10 13:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (Themes) SRV - [2009-07-10 13:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection) SRV - [2009-04-11 09:10:58 | 000,042,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller) SRV - [2009-04-11 08:28:25 | 000,413,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc) SRV - [2009-04-11 08:28:25 | 000,199,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient) SRV - [2009-04-11 08:28:25 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc) SRV - [2009-04-11 08:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv) SRV - [2009-04-11 08:28:24 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SCardSvr.dll -- (SCardSvr) SRV - [2009-04-11 08:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPsvc) SRV - [2009-04-11 08:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPAutoReg) SRV - [2009-04-11 08:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2psvc) SRV - [2009-04-11 08:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2pimsvc) SRV - [2009-04-11 08:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem) SRV - [2009-04-11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv) SRV - [2009-04-11 08:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcsvc.dll -- (Dhcp) SRV - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch) SRV - [2009-04-11 08:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver) SRV - [2009-03-30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-03-30 06:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) SRV - [2009-02-18 20:40:04 | 000,042,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2009-02-18 20:39:11 | 000,857,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2008-01-21 04:51:36 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr) SRV - [2008-01-21 04:51:36 | 000,153,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched) SRV - [2008-01-21 04:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost) SRV - [2008-01-21 04:50:38 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv) SRV - [2008-01-21 04:50:07 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS) SRV - [2008-01-21 04:50:01 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost) SRV - [2008-01-21 04:50:01 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost) SRV - [2008-01-21 04:49:21 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm) SRV - [2008-01-21 04:49:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess) SRV - [2008-01-21 04:48:26 | 000,259,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost) SRV - [2008-01-21 04:48:23 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla) SRV - [2008-01-21 04:47:35 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE) SRV - [2008-01-21 04:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-21 04:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2006-11-02 17:03:48 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart) SRV - [2006-11-02 11:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService) SRV - [2006-11-02 11:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp) [color=#E56717]========== Driver Services (All) ==========[/color] DRV:[b]64bit:[/b] - [2012-05-01 16:29:44 | 000,209,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD) DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-03-30 14:45:03 | 001,423,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tcpip.sys -- (Tcpip6) DRV:[b]64bit:[/b] - [2012-03-30 14:45:03 | 001,423,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip) DRV:[b]64bit:[/b] - [2012-03-21 01:34:30 | 000,072,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr) DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-03-07 01:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr) DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech Webcam C100(UVC) DRV:[b]64bit:[/b] - [2012-01-03 16:25:21 | 000,404,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD) DRV:[b]64bit:[/b] - [2011-11-17 08:53:02 | 000,515,968 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\ksecdd.sys -- (KSecDD) DRV:[b]64bit:[/b] - [2011-07-06 17:49:23 | 000,275,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb10.sys -- (mrxsmb10) DRV:[b]64bit:[/b] - [2011-04-29 15:41:02 | 000,176,128 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv2.sys -- (srv2) DRV:[b]64bit:[/b] - [2011-04-29 15:40:56 | 000,145,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srvnet.sys -- (srvnet) DRV:[b]64bit:[/b] - [2011-04-29 15:39:34 | 000,135,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb.sys -- (mrxsmb) DRV:[b]64bit:[/b] - [2011-04-29 15:39:31 | 000,107,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb20.sys -- (mrxsmb20) DRV:[b]64bit:[/b] - [2011-04-21 16:17:10 | 000,695,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT) DRV:[b]64bit:[/b] - [2011-04-14 17:14:19 | 000,097,792 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\dfsc.sys -- (DfsC) DRV:[b]64bit:[/b] - [2011-02-18 16:18:15 | 000,450,560 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv.sys -- (srv) DRV:[b]64bit:[/b] - [2011-02-18 16:16:16 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bowser.sys -- (bowser) DRV:[b]64bit:[/b] - [2011-01-20 18:46:10 | 000,900,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl) DRV:[b]64bit:[/b] - [2010-10-05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor) DRV:[b]64bit:[/b] - [2010-07-10 00:38:00 | 013,187,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nvlddmkm.sys -- (nvlddmkm) DRV:[b]64bit:[/b] - [2010-02-20 23:30:08 | 000,620,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HTTP.sys -- (HTTP) DRV:[b]64bit:[/b] - [2010-02-18 13:59:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunnel.sys -- (tunnel) DRV:[b]64bit:[/b] - [2009-12-08 19:55:32 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg) DRV:[b]64bit:[/b] - [2009-10-01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:[b]64bit:[/b] - [2009-09-21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid) DRV:[b]64bit:[/b] - [2009-06-17 12:37:14 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB) DRV:[b]64bit:[/b] - [2009-04-11 09:15:53 | 000,067,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr) DRV:[b]64bit:[/b] - [2009-04-11 09:15:53 | 000,062,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\termdd.sys -- (TermDD) DRV:[b]64bit:[/b] - [2009-04-11 09:15:52 | 000,408,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx) DRV:[b]64bit:[/b] - [2009-04-11 09:15:45 | 000,269,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap) DRV:[b]64bit:[/b] - [2009-04-11 09:15:36 | 000,019,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr) DRV:[b]64bit:[/b] - [2009-04-11 09:15:34 | 001,515,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs) DRV:[b]64bit:[/b] - [2009-04-11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS) DRV:[b]64bit:[/b] - [2009-04-11 09:15:33 | 000,361,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\CLFS.sys -- (CLFS) Common Log (CLFS) DRV:[b]64bit:[/b] - [2009-04-11 09:15:32 | 000,325,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI) DRV:[b]64bit:[/b] - [2009-04-11 09:15:32 | 000,310,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC) DRV:[b]64bit:[/b] - [2009-04-11 09:15:32 | 000,275,432 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltmgr.sys -- (FltMgr) DRV:[b]64bit:[/b] - [2009-04-11 09:15:31 | 000,215,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\msiscsi.sys -- (iScsiPrt) DRV:[b]64bit:[/b] - [2009-04-11 09:15:31 | 000,178,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci) DRV:[b]64bit:[/b] - [2009-04-11 09:15:30 | 000,155,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ecache.sys -- (Ecache) DRV:[b]64bit:[/b] - [2009-04-11 09:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (disk) DRV:[b]64bit:[/b] - [2009-04-11 09:15:24 | 000,059,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\mup.sys -- (Mup) DRV:[b]64bit:[/b] - [2009-04-11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi) DRV:[b]64bit:[/b] - [2009-04-11 09:14:59 | 000,014,312 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide) DRV:[b]64bit:[/b] - [2009-04-11 07:43:46 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rassstp.sys -- (RasSstp) DRV:[b]64bit:[/b] - [2009-04-11 07:43:40 | 000,169,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndiswan.sys -- (NdisWan) DRV:[b]64bit:[/b] - [2009-04-11 07:43:39 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspptp.sys -- (PptpMiniport) DRV:[b]64bit:[/b] - [2009-04-11 07:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarpv6) DRV:[b]64bit:[/b] - [2009-04-11 07:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarp) DRV:[b]64bit:[/b] - [2009-04-11 07:43:38 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rasl2tp.sys -- (Rasl2tp) DRV:[b]64bit:[/b] - [2009-04-11 07:43:33 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspppoe.sys -- (RasPppoe) DRV:[b]64bit:[/b] - [2009-04-11 07:43:27 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipfltdrv.sys -- (IpFilterDriver) DRV:[b]64bit:[/b] - [2009-04-11 07:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2009-04-11 07:43:00 | 000,094,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tdx.sys -- (tdx) DRV:[b]64bit:[/b] - [2009-04-11 07:42:56 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\pacer.sys -- (PSched) DRV:[b]64bit:[/b] - [2009-04-11 07:42:33 | 000,248,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\netbt.sys -- (netbt) DRV:[b]64bit:[/b] - [2009-04-11 07:42:19 | 000,088,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\smb.sys -- (Smb) DRV:[b]64bit:[/b] - [2009-04-11 07:40:20 | 000,187,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nwifi.sys -- (NativeWifiP) DRV:[b]64bit:[/b] - [2009-04-11 07:39:57 | 000,178,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Urządzenie Bluetooth (Protokół TDI RFCOMM) DRV:[b]64bit:[/b] - [2009-04-11 07:39:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum) DRV:[b]64bit:[/b] - [2009-04-11 07:39:52 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbhub.sys -- (usbhub) DRV:[b]64bit:[/b] - [2009-04-11 07:39:49 | 000,072,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ohci1394.sys -- (ohci1394) DRV:[b]64bit:[/b] - [2009-04-11 07:39:41 | 000,948,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HDAudBus.sys -- (HDAudBus) DRV:[b]64bit:[/b] - [2009-04-11 07:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\USBSTOR.SYS -- (USBSTOR) DRV:[b]64bit:[/b] - [2009-04-11 07:39:36 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbehci.sys -- (usbehci) DRV:[b]64bit:[/b] - [2009-04-11 07:39:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hidusb.sys -- (HidUsb) DRV:[b]64bit:[/b] - [2009-04-11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\cdrom.sys -- (cdrom) DRV:[b]64bit:[/b] - [2009-04-11 07:33:40 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdhid.sys -- (kbdhid) DRV:[b]64bit:[/b] - [2009-04-11 06:55:42 | 000,139,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV) DRV:[b]64bit:[/b] - [2009-04-11 06:55:24 | 000,287,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\rdbss.sys -- (rdbss) DRV:[b]64bit:[/b] - [2009-04-11 06:54:22 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs) DRV:[b]64bit:[/b] - [2009-04-11 06:54:21 | 000,299,008 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\udfs.sys -- (udfs) DRV:[b]64bit:[/b] - [2009-04-11 06:54:11 | 000,187,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat) DRV:[b]64bit:[/b] - [2009-04-11 06:54:10 | 000,198,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat) DRV:[b]64bit:[/b] - [2008-01-21 04:51:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP) DRV:[b]64bit:[/b] - [2008-01-21 04:51:14 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE) DRV:[b]64bit:[/b] - [2008-01-21 04:51:07 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\RDPCDD.sys -- (RDPCDD) DRV:[b]64bit:[/b] - [2008-01-21 04:51:01 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\asyncmac.sys -- (AsyncMac) DRV:[b]64bit:[/b] - [2008-01-21 04:50:59 | 000,070,200 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo) DRV:[b]64bit:[/b] - [2008-01-21 04:50:45 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM) DRV:[b]64bit:[/b] - [2008-01-21 04:50:39 | 000,881,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000) DRV:[b]64bit:[/b] - [2008-01-21 04:50:39 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\DRIVERS\cdfs.sys -- (cdfs) DRV:[b]64bit:[/b] - [2008-01-21 04:50:39 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs) DRV:[b]64bit:[/b] - [2008-01-21 04:50:25 | 000,070,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (MountMgr) DRV:[b]64bit:[/b] - [2008-01-21 04:50:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tssecsrv.sys -- (tssecsrv) DRV:[b]64bit:[/b] - [2008-01-21 04:50:09 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WUDFRd.sys -- (WUDFRd) DRV:[b]64bit:[/b] - [2008-01-21 04:50:04 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem) DRV:[b]64bit:[/b] - [2008-01-21 04:49:58 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndisuio.sys -- (Ndisuio) DRV:[b]64bit:[/b] - [2008-01-21 04:49:52 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSKSSRV.sys -- (MSKSSRV) DRV:[b]64bit:[/b] - [2008-01-21 04:49:52 | 000,007,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSTEE.sys -- (MSTEE) DRV:[b]64bit:[/b] - [2008-01-21 04:49:51 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave) DRV:[b]64bit:[/b] - [2008-01-21 04:49:48 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rdpencdd.sys -- (RDPENCDD) DRV:[b]64bit:[/b] - [2008-01-21 04:49:42 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv) DRV:[b]64bit:[/b] - [2008-01-21 04:49:42 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy) DRV:[b]64bit:[/b] - [2008-01-21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl) DRV:[b]64bit:[/b] - [2008-01-21 04:49:16 | 000,109,568 | ---- | M] (Microsoft Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv) DRV:[b]64bit:[/b] - [2008-01-21 04:49:15 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rspndr.sys -- (rspndr) DRV:[b]64bit:[/b] - [2008-01-21 04:49:15 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lltdio.sys -- (lltdio) DRV:[b]64bit:[/b] - [2008-01-21 04:49:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk) DRV:[b]64bit:[/b] - [2008-01-21 04:48:45 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipnat.sys -- (IPNAT) DRV:[b]64bit:[/b] - [2008-01-21 04:48:45 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy) DRV:[b]64bit:[/b] - [2008-01-21 04:48:45 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndistapi.sys -- (NdisTapi) DRV:[b]64bit:[/b] - [2008-01-21 04:48:45 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunmp.sys -- (tunmp) DRV:[b]64bit:[/b] - [2008-01-21 04:48:28 | 000,033,280 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace) DRV:[b]64bit:[/b] - [2008-01-21 04:48:27 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\netbios.sys -- (NetBIOS) DRV:[b]64bit:[/b] - [2008-01-21 04:48:24 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rasacd.sys -- (RasAcd) DRV:[b]64bit:[/b] - [2008-01-21 04:47:30 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv) DRV:[b]64bit:[/b] - [2008-01-21 04:47:28 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ipmidrv.sys -- (IPMIDRV) DRV:[b]64bit:[/b] - [2008-01-21 04:47:28 | 000,035,896 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\i2omp.sys -- (i2omp) DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320) DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) Urządzenie wideo USB (WDM) DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\i8042prt.sys -- (i8042prt) DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,042,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdclass.sys -- (kbdclass) DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,024,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd) DRV:[b]64bit:[/b] - [2008-01-21 04:47:26 | 000,128,056 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio) DRV:[b]64bit:[/b] - [2008-01-21 04:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4) DRV:[b]64bit:[/b] - [2008-01-21 04:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid) DRV:[b]64bit:[/b] - [2008-01-21 04:47:25 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\fdc.sys -- (fdc) DRV:[b]64bit:[/b] - [2008-01-21 04:47:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbuhci.sys -- (usbuhci) DRV:[b]64bit:[/b] - [2008-01-21 04:47:04 | 000,113,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm) DRV:[b]64bit:[/b] - [2008-01-21 04:47:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive) DRV:[b]64bit:[/b] - [2008-01-21 04:47:03 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass) DRV:[b]64bit:[/b] - [2008-01-21 04:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Urządzenie Bluetooth (sieć osobista) DRV:[b]64bit:[/b] - [2008-01-21 04:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV:[b]64bit:[/b] - [2008-01-21 04:47:01 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbccgp.sys -- (usbccgp) DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas) DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\monitor.sys -- (monitor) DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vgapnp.sys -- (vga) DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk) DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc) DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd) DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor) DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastorv.sys -- (iaStorV) DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gagp30kx.sys -- (gagp30kx) DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,067,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uagp35.sys -- (uagp35) DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hpcisss.sys -- (HpCISSs) DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,039,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mouclass.sys -- (mouclass) DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas) DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse) DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mouhid.sys -- (mouhid) DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\megasr.sys -- (MegaSR) DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\uliahci.sys -- (uliahci) DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\E1G6032E.sys -- (E1G60) Intel(R) DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS) DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2) DRV:[b]64bit:[/b] - [2008-01-21 04:46:55 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\flpydisk.sys -- (flpydisk) DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci) DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid) DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpu160m.sys -- (adpu160m) DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor) DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\umbus.sys -- (umbus) DRV:[b]64bit:[/b] - [2008-01-21 04:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx) DRV:[b]64bit:[/b] - [2008-01-21 04:46:53 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\serial.sys -- (Serial) DRV:[b]64bit:[/b] - [2008-01-21 04:46:53 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serenum.sys -- (Serenum) DRV:[b]64bit:[/b] - [2008-01-21 04:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300) DRV:[b]64bit:[/b] - [2008-01-21 04:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ulsata2.sys -- (ulsata2) DRV:[b]64bit:[/b] - [2008-01-21 04:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc) DRV:[b]64bit:[/b] - [2008-01-21 04:46:52 | 000,027,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,314,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (rdpdr) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,126,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nv_agp.sys -- (nv_agp) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uliagpkx.sys -- (uliagpkx) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agp440.sys -- (agp440) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\intelppm.sys -- (intelppm) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,034,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mssmbios.sys -- (mssmbios) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv) DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,019,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,018,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,018,024 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,015,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,015,976 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,013,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\swenum.sys -- (swenum) DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev) DRV:[b]64bit:[/b] - [2007-08-29 10:44:38 | 000,435,200 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:[b]64bit:[/b] - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187) DRV:[b]64bit:[/b] - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt) DRV:[b]64bit:[/b] - [2007-02-16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PFC027.SYS -- (PAC207) DRV:[b]64bit:[/b] - [2006-11-02 14:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960) DRV:[b]64bit:[/b] - [2006-11-02 14:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\symc8xx.sys -- (Symc8xx) DRV:[b]64bit:[/b] - [2006-11-02 14:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sym_u3.sys -- (Sym_u3) DRV:[b]64bit:[/b] - [2006-11-02 14:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp) DRV:[b]64bit:[/b] - [2006-11-02 14:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sym_hi.sys -- (Sym_hi) DRV:[b]64bit:[/b] - [2006-11-02 14:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\mraid35x.sys -- (Mraid35x) DRV:[b]64bit:[/b] - [2006-11-02 14:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iteraid.sys -- (iteraid) DRV:[b]64bit:[/b] - [2006-11-02 14:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iteatapi.sys -- (iteatapi) DRV:[b]64bit:[/b] - [2006-11-02 13:51:30 | 000,203,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia) DRV:[b]64bit:[/b] - [2006-11-02 13:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ulsata.sys -- (UlSata) DRV:[b]64bit:[/b] - [2006-11-02 13:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx) DRV:[b]64bit:[/b] - [2006-11-02 13:50:06 | 000,090,216 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port) DRV:[b]64bit:[/b] - [2006-11-02 13:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\djsvs.sys -- (aic78xx) DRV:[b]64bit:[/b] - [2006-11-02 12:27:53 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint) DRV:[b]64bit:[/b] - [2006-11-02 11:44:02 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM) DRV:[b]64bit:[/b] - [2006-11-02 11:44:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth) DRV:[b]64bit:[/b] - [2006-11-02 11:43:46 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR) DRV:[b]64bit:[/b] - [2006-11-02 11:43:40 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci) DRV:[b]64bit:[/b] - [2006-11-02 11:43:36 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr) DRV:[b]64bit:[/b] - [2006-11-02 11:40:24 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen) DRV:[b]64bit:[/b] - [2006-11-02 11:38:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy) DRV:[b]64bit:[/b] - [2006-11-02 11:37:57 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport) DRV:[b]64bit:[/b] - [2006-11-02 11:37:30 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPCLOCK.sys -- (MSPCLOCK) DRV:[b]64bit:[/b] - [2006-11-02 11:37:30 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPQM.sys -- (MSPQM) DRV:[b]64bit:[/b] - [2006-11-02 11:37:16 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null) DRV:[b]64bit:[/b] - [2006-11-02 10:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV:[b]64bit:[/b] - [2006-11-02 07:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService) DRV:[b]64bit:[/b] - [2006-11-01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2006-10-24 04:08:37 | 000,712,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\peauth.sys -- (PEAUTH) DRV:[b]64bit:[/b] - [2006-10-04 03:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64) DRV:[b]64bit:[/b] - [2006-09-30 01:51:44 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv) DRV:[b]64bit:[/b] - [2006-09-19 13:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brusbser.sys -- (BrUsbSer) DRV:[b]64bit:[/b] - [2006-09-18 23:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\brserwdm.sys -- (BrSerWdm) DRV:[b]64bit:[/b] - [2006-09-18 23:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\brusbmdm.sys -- (BrUsbMdm) DRV:[b]64bit:[/b] - [2006-09-18 23:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltlo.sys -- (BrFiltLo) DRV:[b]64bit:[/b] - [2006-09-18 23:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187) DRV - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes,DefaultScope = {076D27D0-C78A-4A66-B52A-12D99FFF076C} IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{076D27D0-C78A-4A66-B52A-12D99FFF076C}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-14 20:46:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-26 22:55:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-24 08:52:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-08-17 23:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions [2012-05-02 23:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions [2010-08-20 20:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-05-14 08:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-06-14 20:17:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-04-26 22:55:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010-07-12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-02-21 08:41:53 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-21 08:41:53 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-21 08:41:53 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-21 08:41:53 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-21 08:41:53 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-21 08:41:53 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Szukaj w Google = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\ CHR - Extension: Gmail = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE2FB989-13FA-4066-99BA-709859E0804C}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60D701E-D8B3-4FE9-8AE4-7E775635852B}: DhcpNameServer = 217.30.129.149 217.30.137.200 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-18 16:37:01 | 000,000,000 | ---D | C] -- C:\_OTL [2012-06-18 07:55:48 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\foty [2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\rsit [2012-06-16 18:21:47 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\otl [2012-06-15 20:11:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Macromedia [2012-06-14 21:36:23 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-06-14 21:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-06-14 20:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012-06-14 20:47:43 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012-06-14 20:47:42 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012-06-14 20:47:37 | 000,043,864 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2012-06-14 20:47:36 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012-06-14 20:47:35 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012-06-14 20:47:33 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012-06-14 20:47:33 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012-06-14 20:46:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012-06-14 20:46:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-06-14 20:17:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-06-14 19:25:58 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA% [2012-06-14 18:47:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Malwarebytes [2012-06-14 18:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-06-14 18:46:56 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-06-14 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\PC\DoctorWeb [2012-06-14 07:21:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum [2012-06-13 21:36:36 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Książki do reader eboka FB2 [2012-06-12 20:33:11 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-06-12 20:33:09 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012-06-12 20:33:08 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012-06-12 20:33:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-06-12 20:33:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-06-12 20:33:07 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-06-12 20:33:07 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-06-12 20:33:07 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012-06-12 20:33:07 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012-06-12 20:33:07 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012-06-12 20:33:07 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-06-12 20:33:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-06-12 20:33:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-06-12 20:33:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012-06-12 20:33:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012-06-12 20:33:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012-06-12 20:33:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012-06-12 20:33:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012-06-12 20:33:06 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012-06-12 20:33:06 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-06-12 20:33:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-06-12 20:33:06 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012-06-12 20:33:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012-06-12 20:33:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012-06-12 20:33:06 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012-06-12 20:33:06 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012-06-12 20:33:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012-06-12 20:33:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012-06-12 20:33:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012-06-12 20:33:00 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012-06-12 20:33:00 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012-06-12 20:32:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA} [2012-06-12 20:32:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C} [2012-06-12 07:22:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7} [2012-06-12 07:21:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1} [2012-06-11 17:29:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E} [2012-06-11 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE} [2012-06-11 06:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\akcesoria do smazalni [2012-06-10 21:59:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B} [2012-06-10 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5} [2012-06-10 19:43:59 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\sklep u Oli czerwiec 2012 [2012-06-10 09:58:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782} [2012-06-10 09:58:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50} [2012-06-09 21:58:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740} [2012-06-09 21:57:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3} [2012-06-09 19:58:45 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\szkolenie Gdańsk 09062012 Z.Kubat [2012-06-08 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Aloes skany [2012-06-08 08:18:55 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Katalog 2011 FLP w jpg [2012-06-08 07:33:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3} [2012-06-08 07:33:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969} [2012-06-07 19:33:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71} [2012-06-07 19:32:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C} [2012-06-06 18:34:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494} [2012-06-06 18:34:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6} [2012-06-06 07:35:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6} [2012-06-05 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309} [2012-06-05 19:34:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC} [2012-06-04 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A} [2012-06-04 20:50:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0} [2012-06-04 05:46:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109} [2012-06-04 05:45:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1} [2012-06-03 16:05:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446} [2012-06-03 16:05:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590} [2012-06-02 07:38:18 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9} [2012-06-02 07:38:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944} [2012-06-01 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Adobe [2012-06-01 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\NVIDIA [2012-06-01 18:42:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39} [2012-06-01 18:42:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3} [2012-05-30 19:05:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C} [2012-05-30 19:05:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326} [2012-05-30 07:05:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC} [2012-05-30 07:05:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA} [2012-05-29 19:04:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E} [2012-05-29 19:04:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777} [2012-05-29 07:04:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B} [2012-05-29 07:03:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0} [2012-05-28 17:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689} [2012-05-28 17:28:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112} [2012-05-27 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A} [2012-05-27 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07} [2012-05-27 10:08:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61} [2012-05-27 10:08:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD} [2012-05-25 21:23:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9} [2012-05-25 21:22:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4} [2012-05-24 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD} [2012-05-24 21:55:58 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D} [2012-05-23 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31} [2012-05-23 21:37:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF} [2012-05-23 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC} [2012-05-23 08:32:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D} [2012-05-22 20:31:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B} [2012-05-22 20:30:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B} [2012-05-22 08:30:26 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61} [2012-05-22 08:30:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7} [2012-05-21 20:29:52 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF} [2012-05-21 20:29:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784} [2012-05-21 08:29:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032} [2012-05-21 08:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C} [2012-05-20 20:28:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9} [2012-05-20 20:28:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089} [2012-05-20 08:12:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2} [2012-05-20 08:12:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7} [2012-05-19 18:02:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B} [2012-05-19 18:01:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4} [2011-05-06 19:12:30 | 001,233,920 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4.dll [2011-05-06 19:12:30 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4a.dll [2011-04-29 13:53:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4r.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-18 17:09:44 | 001,495,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-06-18 17:09:44 | 000,672,140 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-06-18 17:09:44 | 000,596,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-06-18 17:09:44 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-06-18 17:09:44 | 000,104,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-06-18 17:07:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-06-18 17:04:16 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012-06-18 17:04:15 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012-06-18 17:03:31 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-18 17:03:31 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-18 17:03:30 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-06-18 17:03:30 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job [2012-06-18 17:03:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-18 17:03:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2012-06-18 17:02:08 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012-06-18 12:21:15 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-18 11:44:03 | 000,029,335 | ---- | M] () -- C:\Users\PC\Desktop\skrin3.jpg [2012-06-18 11:41:27 | 000,030,166 | ---- | M] () -- C:\Users\PC\Desktop\skrin2.jpg [2012-06-18 11:10:11 | 000,000,230 | ---- | M] () -- C:\fix.BAT [2012-06-18 06:43:37 | 000,574,179 | ---- | M] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg [2012-06-18 06:29:37 | 000,000,680 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps.dat [2012-06-16 07:36:39 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2012-06-16 01:49:26 | 000,030,664 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr [2012-06-16 01:43:42 | 000,011,887 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr [2012-06-15 19:50:18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-06-15 19:50:18 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-06-14 21:55:39 | 005,043,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-06-14 20:47:47 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-06-14 20:47:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-06-14 07:47:05 | 000,001,460 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat [2012-06-13 06:32:49 | 000,023,758 | ---- | M] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr [2012-06-13 06:22:08 | 001,272,603 | ---- | M] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf [2012-06-13 06:07:27 | 000,020,802 | ---- | M] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr [2012-06-12 15:01:37 | 000,100,851 | ---- | M] () -- C:\Users\PC\Desktop\neptun.eps [2012-06-12 07:44:04 | 000,360,136 | ---- | M] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg [2012-06-10 18:38:59 | 000,026,533 | ---- | M] () -- C:\Users\PC\Desktop\Rysunek1.eps [2012-06-05 21:00:34 | 000,138,527 | ---- | M] () -- C:\Users\PC\Desktop\MLM.pdf [2012-06-05 20:22:33 | 001,683,614 | ---- | M] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf [2012-06-05 19:51:35 | 000,088,322 | ---- | M] () -- C:\Users\PC\Desktop\IdCard.pdf [2012-06-03 23:18:48 | 003,701,146 | ---- | M] () -- C:\Users\PC\Desktop\katalog10_2011.pdf [2012-06-03 17:42:32 | 000,076,910 | ---- | M] () -- C:\Windows\FontData.fdb [2012-06-01 20:27:49 | 000,158,208 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-05-21 08:18:41 | 000,415,621 | ---- | M] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf [2012-05-19 18:11:31 | 031,905,004 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav [2012-05-19 18:11:22 | 030,293,864 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav [2012-05-19 18:11:13 | 030,164,498 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav [2012-05-19 18:11:04 | 028,071,220 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav [2012-05-19 18:10:55 | 034,503,940 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav [2012-05-19 18:10:45 | 024,630,268 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav [2012-05-19 18:10:37 | 029,176,696 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav [2012-05-19 18:10:28 | 030,352,674 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav [2012-05-19 18:10:18 | 029,858,750 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav [2012-05-19 18:10:07 | 025,436,984 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav [2012-05-19 18:09:58 | 025,150,056 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav [2012-05-19 18:09:49 | 029,028,496 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav [2012-05-19 18:09:38 | 033,017,480 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav [2012-05-19 18:09:26 | 031,780,338 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav [2012-05-19 18:09:13 | 028,188,830 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav [2012-05-19 18:09:01 | 030,477,322 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav [2012-05-19 18:08:47 | 030,305,640 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav [2012-05-19 18:08:33 | 031,380,502 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav [2012-05-19 18:08:18 | 033,135,086 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav [2012-05-19 18:08:00 | 033,497,290 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-18 11:44:03 | 000,029,335 | ---- | C] () -- C:\Users\PC\Desktop\skrin3.jpg [2012-06-18 11:41:27 | 000,030,166 | ---- | C] () -- C:\Users\PC\Desktop\skrin2.jpg [2012-06-18 11:10:10 | 000,000,230 | ---- | C] () -- C:\fix.BAT [2012-06-18 06:43:35 | 000,574,179 | ---- | C] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg [2012-06-16 01:49:25 | 000,030,664 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr [2012-06-16 01:45:08 | 000,100,851 | ---- | C] () -- C:\Users\PC\Desktop\neptun.eps [2012-06-16 01:43:42 | 000,011,887 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr [2012-06-14 20:47:47 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-06-14 20:47:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012-06-13 06:32:49 | 000,020,802 | ---- | C] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr [2012-06-13 06:22:08 | 001,272,603 | ---- | C] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf [2012-06-13 06:07:27 | 000,023,758 | ---- | C] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr [2012-06-12 07:44:01 | 000,360,136 | ---- | C] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg [2012-06-10 18:38:54 | 000,026,533 | ---- | C] () -- C:\Users\PC\Desktop\Rysunek1.eps [2012-06-05 21:00:34 | 000,138,527 | ---- | C] () -- C:\Users\PC\Desktop\MLM.pdf [2012-06-05 20:22:33 | 001,683,614 | ---- | C] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf [2012-06-05 19:51:35 | 000,088,322 | ---- | C] () -- C:\Users\PC\Desktop\IdCard.pdf [2012-06-03 23:18:48 | 003,701,146 | ---- | C] () -- C:\Users\PC\Desktop\katalog10_2011.pdf [2012-06-01 19:57:45 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2012-06-01 19:57:01 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2012-06-01 19:56:03 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2012-06-01 19:55:59 | 000,001,350 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2012-05-21 08:18:41 | 000,415,621 | ---- | C] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf [2012-05-19 18:11:22 | 031,905,004 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav [2012-05-19 18:11:13 | 030,293,864 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav [2012-05-19 18:11:04 | 030,164,498 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav [2012-05-19 18:10:55 | 028,071,220 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav [2012-05-19 18:10:45 | 034,503,940 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav [2012-05-19 18:10:37 | 024,630,268 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav [2012-05-19 18:10:28 | 029,176,696 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav [2012-05-19 18:10:18 | 030,352,674 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav [2012-05-19 18:10:07 | 029,858,750 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav [2012-05-19 18:09:58 | 025,436,984 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav [2012-05-19 18:09:49 | 025,150,056 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav [2012-05-19 18:09:38 | 029,028,496 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav [2012-05-19 18:09:26 | 033,017,480 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav [2012-05-19 18:09:13 | 031,780,338 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav [2012-05-19 18:09:01 | 028,188,830 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav [2012-05-19 18:08:47 | 030,477,322 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav [2012-05-19 18:08:33 | 030,305,640 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav [2012-05-19 18:08:18 | 031,380,502 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav [2012-05-19 18:08:00 | 033,135,086 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav [2012-05-19 18:07:40 | 033,497,290 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav [2012-01-18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012-01-18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012-01-18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2012-01-11 19:33:16 | 000,002,048 | -HS- | C] () -- C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\@ [2011-10-04 19:55:57 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2011-09-18 22:06:48 | 000,001,496 | ---- | C] () -- C:\Users\PC\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2011-03-02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011-03-02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011-03-02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011-03-02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011-03-02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2010-09-21 21:32:00 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-09-09 18:42:58 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4808029583.sys [2010-09-09 18:42:57 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010-08-17 23:42:18 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010-08-17 23:34:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-08-17 12:21:50 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2010-08-17 11:27:38 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2010-08-17 11:27:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010-08-17 11:26:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2010-08-17 10:00:47 | 000,158,208 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-16 17:12:48 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010-08-16 17:12:47 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010-08-16 16:56:43 | 000,000,680 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps.dat [2010-08-16 16:51:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010-08-16 16:34:32 | 000,001,460 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat [color=#E56717]========== LOP Check ==========[/color] [2011-03-04 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011-10-07 20:13:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\cryptlib [2011-09-14 08:29:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla [2010-08-17 23:53:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gadu-Gadu 10 [2012-02-16 16:16:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GG [2012-06-18 17:04:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ipla [2011-08-06 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView [2011-10-15 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Leadertech [2010-09-08 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenFM [2010-08-17 10:32:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org [2010-11-16 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\RDRM [2012-05-13 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung [2010-09-09 21:35:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-04-17 07:19:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer [2012-05-14 21:50:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Temp [2011-06-14 23:55:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Thinstall [2012-04-02 23:20:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer [2012-06-18 17:03:30 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job [2012-06-18 17:02:08 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 64 bytes -> C:\Users\PC\Desktop\SNC02502.mp4:TOC.WMV < End of report > [/log]
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 Infekcja wraca. Wykonaj mi skan w SystemLook na podanym w poście nr8 warunku i przedstaw raport
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 Hmm no to nie ciekawie. Aktualnie brak komunikatów ze strony avasta. Wrzucam log: [log]SystemLook 30.07.11 by jpshortstuff Log created at 19:04 on 18/06/2012 by PC Administrator - Elevation successful ========== reg ========== [HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}] (No values found) [HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32] "ThreadingModel"="Both" @="C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\n." [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}] @="Microsoft WBEM New Event Subsystem" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32] @="%systemroot%\system32\wbem\wbemess.dll" "ThreadingModel"="Both" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}] @="MruPidlList" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] @="%SystemRoot%\system32\shell32.dll" "ThreadingModel"="Apartment" ========== filefind ========== Searching for "services.exe" C:\Windows\System32\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3 C:\Windows\SysWOW64\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe --a---- 384512 bytes [02:49 21/01/2008] [02:49 21/01/2008] DFAC660F0F139276CC9299812DE42719 C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3 C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [02:50 21/01/2008] [02:50 21/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B -= EOF =-[/log]
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 Start > uruchom > regedit W rejestrze znajdź klucz [[b]HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32] "ThreadingModel"="Both" @="C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\n."[/b] i go usuń, chodzi o wartość [b]@="C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\n."[/b] powinny tam byc dwa takie klucze i ty masz wyciachać ten co podałem Potem uruchamiasz OTL i wklejasz skrypt [code]:Files C:\Windows\SysNative\%APPDATA% C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA} C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C} C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7} C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1} C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E} C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE} C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B} C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5} C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782} C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50} C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740} C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3} C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3} C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969} C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71} C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C} C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494} C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6} C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6} C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309} C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC} C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A} C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0} C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109} C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1} C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446} C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590} C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9} C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944} C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39} C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3} C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C} C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326} C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC} C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA} C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E} C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777} C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B} C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0} C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689} C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112} C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A} C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07} C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61} C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD} C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9} C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4} C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD} C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D} C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31} C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF} C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC} C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D} C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B} C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B} C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61} C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7} C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF} C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784} C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032} C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C} C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9} C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089} C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2} C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7} C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B} C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4} C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e} :Commands [reboot][/code] Klikasz w[b] Wykonaj skrypt.[/b] Po restarcie powtarzasz skan w [b]SystemLook[/b] i dajesz raport
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 Wartość usunięta. log z skryptu po restarcie : [log]========== FILES ========== Folder move failed. C:\Windows\SysNative\%APPDATA% scheduled to be moved on reboot. C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA} folder moved successfully. C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C} folder moved successfully. C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7} folder moved successfully. C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1} folder moved successfully. C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E} folder moved successfully. C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE} folder moved successfully. C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B} folder moved successfully. C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5} folder moved successfully. C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782} folder moved successfully. C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50} folder moved successfully. C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740} folder moved successfully. C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3} folder moved successfully. C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3} folder moved successfully. C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969} folder moved successfully. C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71} folder moved successfully. C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C} folder moved successfully. C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494} folder moved successfully. C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6} folder moved successfully. C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6} folder moved successfully. C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309} folder moved successfully. C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC} folder moved successfully. C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A} folder moved successfully. C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0} folder moved successfully. C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109} folder moved successfully. C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1} folder moved successfully. C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446} folder moved successfully. C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590} folder moved successfully. C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9} folder moved successfully. C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944} folder moved successfully. C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39} folder moved successfully. C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3} folder moved successfully. C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C} folder moved successfully. C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326} folder moved successfully. C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC} folder moved successfully. C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA} folder moved successfully. C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E} folder moved successfully. C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777} folder moved successfully. C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B} folder moved successfully. C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0} folder moved successfully. C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689} folder moved successfully. C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112} folder moved successfully. C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A} folder moved successfully. C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07} folder moved successfully. C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61} folder moved successfully. C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD} folder moved successfully. C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9} folder moved successfully. C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4} folder moved successfully. C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD} folder moved successfully. C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D} folder moved successfully. C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31} folder moved successfully. C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF} folder moved successfully. C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC} folder moved successfully. C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D} folder moved successfully. C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B} folder moved successfully. C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B} folder moved successfully. C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61} folder moved successfully. C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7} folder moved successfully. C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF} folder moved successfully. C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784} folder moved successfully. C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032} folder moved successfully. C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C} folder moved successfully. C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9} folder moved successfully. C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089} folder moved successfully. C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2} folder moved successfully. C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7} folder moved successfully. C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B} folder moved successfully. C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4} folder moved successfully. C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\U folder moved successfully. C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\L folder moved successfully. C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e} folder moved successfully. ========== COMMANDS ========== OTL by OldTimer - Version 3.2.49.0 log created on 06182012_194033 Files\Folders moved on Reboot... Folder move failed. C:\Windows\SysNative\%APPDATA% scheduled to be moved on reboot. Registry entries deleted on Reboot... [/log] log z systemLook [log]SystemLook 30.07.11 by jpshortstuff Log created at 19:46 on 18/06/2012 by PC Administrator - Elevation successful ========== reg ========== [HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}] (No values found) [HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32] "ThreadingModel"="Both" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}] @="Microsoft WBEM New Event Subsystem" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32] @="%systemroot%\system32\wbem\wbemess.dll" "ThreadingModel"="Both" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}] @="MruPidlList" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] @="%SystemRoot%\system32\shell32.dll" "ThreadingModel"="Apartment" ========== filefind ========== Searching for "services.exe" C:\Windows\System32\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3 C:\Windows\SysWOW64\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe --a---- 384512 bytes [02:49 21/01/2008] [02:49 21/01/2008] DFAC660F0F139276CC9299812DE42719 C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3 C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [02:50 21/01/2008] [02:50 21/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B -= EOF =-[/log]
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 Jest ładnie - wpis z rejstru usuniety, foldery również. Daj mi teraz [b]ostatni skan weryfikacyjny z OTL[/b] i przejdziemy do czynnosci końcowych.
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 otl: [log]OTL logfile created on: 2012-06-18 19:56:29 - Run 4 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 38,11% Memory free 8,21 Gb Paging File | 5,52 Gb Available in Paging File | 67,30% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,26 Gb Total Space | 78,27 Gb Free Space | 52,09% Space Free | Partition Type: NTFS Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe PRC - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe PRC - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe PRC - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe PRC - [2012-01-19 13:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe PRC - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-18 17:04:26 | 000,115,137 | ---- | M] () -- C:\Users\PC\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll MOD - [2012-06-15 19:50:17 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll MOD - [2012-06-13 06:46:12 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll MOD - [2012-06-13 05:47:55 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll MOD - [2012-06-13 05:47:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll MOD - [2012-06-13 05:47:36 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll MOD - [2012-06-13 05:47:29 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll MOD - [2012-06-13 05:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.56\gcswf32.dll MOD - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2012-05-11 21:21:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll MOD - [2012-05-11 21:20:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll MOD - [2012-05-11 21:20:13 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll MOD - [2012-05-11 16:25:24 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll MOD - [2012-05-11 16:24:42 | 000,386,560 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll MOD - [2012-05-11 16:22:40 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll MOD - [2012-05-11 16:21:52 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll MOD - [2012-05-11 07:31:34 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll MOD - [2012-05-11 07:26:57 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll MOD - [2012-05-11 07:26:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll MOD - [2012-05-11 07:26:50 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll MOD - [2012-05-11 07:26:48 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll MOD - [2012-05-11 07:26:43 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll MOD - [2011-08-12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll MOD - [2011-08-12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll MOD - [2011-08-12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll MOD - [2011-08-12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll MOD - [2011-08-12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll MOD - [2011-07-04 19:46:26 | 000,152,160 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggzip.dll MOD - [2011-07-04 19:46:24 | 000,270,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggwebkit.dll MOD - [2011-07-04 19:46:22 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradiocore.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:20 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradio.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,127,584 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcimproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:14 | 000,086,624 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gghttp.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,946,688 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libxml2.dll MOD - [2011-02-17 10:59:40 | 000,438,272 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstreamer-0.10.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstinterfaces-0.10.dll MOD - [2011-02-17 10:59:40 | 000,033,098 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\iconv.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2007-03-09 14:29:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\ASUS WiFi-AP Solo\EnumDevLib.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:[b]64bit:[/b] - [2007-06-07 07:41:54 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters) SRV - [2012-06-15 19:50:18 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-26 22:55:22 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0) SRV - [2012-03-02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer) SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-03-30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-01-21 04:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-21 04:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-03-07 01:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr) DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:[b]64bit:[/b] - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech Webcam C100(UVC) DRV:[b]64bit:[/b] - [2010-10-05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor) DRV:[b]64bit:[/b] - [2009-10-01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:[b]64bit:[/b] - [2009-09-21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid) DRV:[b]64bit:[/b] - [2009-04-11 07:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2007-08-29 10:44:38 | 000,435,200 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:[b]64bit:[/b] - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187) DRV:[b]64bit:[/b] - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt) DRV:[b]64bit:[/b] - [2007-02-16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PFC027.SYS -- (PAC207) DRV:[b]64bit:[/b] - [2006-11-01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2006-10-04 03:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64) DRV - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187) DRV - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes,DefaultScope = {076D27D0-C78A-4A66-B52A-12D99FFF076C} IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{076D27D0-C78A-4A66-B52A-12D99FFF076C}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-14 20:46:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-26 22:55:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-24 08:52:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-08-17 23:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions [2012-05-02 23:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions [2010-08-20 20:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-05-14 08:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-06-14 20:17:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-04-26 22:55:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010-07-12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-02-21 08:41:53 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-21 08:41:53 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-21 08:41:53 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-21 08:41:53 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-21 08:41:53 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-21 08:41:53 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Szukaj w Google = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\ CHR - Extension: Gmail = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE2FB989-13FA-4066-99BA-709859E0804C}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60D701E-D8B3-4FE9-8AE4-7E775635852B}: DhcpNameServer = 217.30.129.149 217.30.137.200 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-18 16:37:01 | 000,000,000 | ---D | C] -- C:\_OTL [2012-06-18 07:55:48 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\foty [2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\rsit [2012-06-16 18:21:47 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\otl [2012-06-15 20:11:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Macromedia [2012-06-14 21:36:23 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012-06-14 21:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-06-14 20:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012-06-14 20:47:43 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012-06-14 20:47:42 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012-06-14 20:47:37 | 000,043,864 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2012-06-14 20:47:36 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012-06-14 20:47:35 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012-06-14 20:47:33 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012-06-14 20:47:33 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012-06-14 20:46:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012-06-14 20:46:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-06-14 20:17:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-06-14 19:25:58 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA% [2012-06-14 18:47:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Malwarebytes [2012-06-14 18:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-06-14 18:46:56 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-06-14 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\PC\DoctorWeb [2012-06-14 07:21:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum [2012-06-13 21:36:36 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Książki do reader eboka FB2 [2012-06-12 20:33:11 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-06-12 20:33:09 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012-06-12 20:33:08 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012-06-12 20:33:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-06-12 20:33:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-06-12 20:33:07 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-06-12 20:33:07 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-06-12 20:33:07 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012-06-12 20:33:07 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012-06-12 20:33:07 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012-06-12 20:33:07 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-06-12 20:33:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-06-12 20:33:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-06-12 20:33:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012-06-12 20:33:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012-06-12 20:33:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012-06-12 20:33:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012-06-12 20:33:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012-06-12 20:33:06 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012-06-12 20:33:06 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-06-12 20:33:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-06-12 20:33:06 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012-06-12 20:33:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012-06-12 20:33:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012-06-12 20:33:06 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012-06-12 20:33:06 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012-06-12 20:33:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012-06-12 20:33:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012-06-12 20:33:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012-06-12 20:33:00 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012-06-12 20:33:00 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012-06-11 06:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\akcesoria do smazalni [2012-06-10 19:43:59 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\sklep u Oli czerwiec 2012 [2012-06-09 19:58:45 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\szkolenie Gdańsk 09062012 Z.Kubat [2012-06-08 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Aloes skany [2012-06-08 08:18:55 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Katalog 2011 FLP w jpg [2012-06-01 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Adobe [2012-06-01 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\NVIDIA [2011-05-06 19:12:30 | 001,233,920 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4.dll [2011-05-06 19:12:30 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4a.dll [2011-04-29 13:53:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4r.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-18 19:48:19 | 001,495,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-06-18 19:48:19 | 000,672,140 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-06-18 19:48:19 | 000,596,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-06-18 19:48:19 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-06-18 19:48:19 | 000,104,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-06-18 19:42:33 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012-06-18 19:42:33 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012-06-18 19:42:14 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-18 19:42:14 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-18 19:42:12 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-06-18 19:42:09 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job [2012-06-18 19:42:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-18 19:42:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2012-06-18 19:40:50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012-06-18 19:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-18 19:07:03 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-06-18 11:10:11 | 000,000,230 | ---- | M] () -- C:\fix.BAT [2012-06-18 06:43:37 | 000,574,179 | ---- | M] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg [2012-06-18 06:29:37 | 000,000,680 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps.dat [2012-06-16 07:36:39 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2012-06-16 01:49:26 | 000,030,664 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr [2012-06-16 01:43:42 | 000,011,887 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr [2012-06-15 19:50:18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-06-15 19:50:18 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-06-14 21:55:39 | 005,043,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-06-14 20:47:47 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-06-14 20:47:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-06-14 07:47:05 | 000,001,460 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat [2012-06-13 06:32:49 | 000,023,758 | ---- | M] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr [2012-06-13 06:22:08 | 001,272,603 | ---- | M] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf [2012-06-13 06:07:27 | 000,020,802 | ---- | M] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr [2012-06-12 15:01:37 | 000,100,851 | ---- | M] () -- C:\Users\PC\Desktop\neptun.eps [2012-06-12 07:44:04 | 000,360,136 | ---- | M] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg [2012-06-10 18:38:59 | 000,026,533 | ---- | M] () -- C:\Users\PC\Desktop\Rysunek1.eps [2012-06-05 21:00:34 | 000,138,527 | ---- | M] () -- C:\Users\PC\Desktop\MLM.pdf [2012-06-05 20:22:33 | 001,683,614 | ---- | M] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf [2012-06-05 19:51:35 | 000,088,322 | ---- | M] () -- C:\Users\PC\Desktop\IdCard.pdf [2012-06-03 23:18:48 | 003,701,146 | ---- | M] () -- C:\Users\PC\Desktop\katalog10_2011.pdf [2012-06-03 17:42:32 | 000,076,910 | ---- | M] () -- C:\Windows\FontData.fdb [2012-06-01 20:27:49 | 000,158,208 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-05-21 08:18:41 | 000,415,621 | ---- | M] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-18 11:10:10 | 000,000,230 | ---- | C] () -- C:\fix.BAT [2012-06-18 06:43:35 | 000,574,179 | ---- | C] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg [2012-06-16 01:49:25 | 000,030,664 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr [2012-06-16 01:45:08 | 000,100,851 | ---- | C] () -- C:\Users\PC\Desktop\neptun.eps [2012-06-16 01:43:42 | 000,011,887 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr [2012-06-14 20:47:47 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-06-14 20:47:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012-06-13 06:32:49 | 000,020,802 | ---- | C] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr [2012-06-13 06:22:08 | 001,272,603 | ---- | C] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf [2012-06-13 06:07:27 | 000,023,758 | ---- | C] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr [2012-06-12 07:44:01 | 000,360,136 | ---- | C] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg [2012-06-10 18:38:54 | 000,026,533 | ---- | C] () -- C:\Users\PC\Desktop\Rysunek1.eps [2012-06-05 21:00:34 | 000,138,527 | ---- | C] () -- C:\Users\PC\Desktop\MLM.pdf [2012-06-05 20:22:33 | 001,683,614 | ---- | C] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf [2012-06-05 19:51:35 | 000,088,322 | ---- | C] () -- C:\Users\PC\Desktop\IdCard.pdf [2012-06-03 23:18:48 | 003,701,146 | ---- | C] () -- C:\Users\PC\Desktop\katalog10_2011.pdf [2012-06-01 19:57:45 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2012-06-01 19:57:01 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2012-06-01 19:56:03 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2012-06-01 19:55:59 | 000,001,350 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2012-05-21 08:18:41 | 000,415,621 | ---- | C] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf [2012-01-18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012-01-18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012-01-18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2011-10-04 19:55:57 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2011-09-18 22:06:48 | 000,001,496 | ---- | C] () -- C:\Users\PC\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2011-03-02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011-03-02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011-03-02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011-03-02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011-03-02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2010-09-21 21:32:00 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-09-09 18:42:58 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4808029583.sys [2010-09-09 18:42:57 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010-08-17 23:42:18 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010-08-17 23:34:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-08-17 12:21:50 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2010-08-17 11:27:38 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2010-08-17 11:27:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010-08-17 11:26:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2010-08-17 10:00:47 | 000,158,208 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-16 17:12:48 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010-08-16 17:12:47 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010-08-16 16:56:43 | 000,000,680 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps.dat [2010-08-16 16:51:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010-08-16 16:34:32 | 000,001,460 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat [color=#E56717]========== LOP Check ==========[/color] [2011-03-04 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011-10-07 20:13:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\cryptlib [2011-09-14 08:29:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla [2010-08-17 23:53:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gadu-Gadu 10 [2012-02-16 16:16:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GG [2012-06-18 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ipla [2011-08-06 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView [2011-10-15 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Leadertech [2010-09-08 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenFM [2010-08-17 10:32:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org [2010-11-16 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\RDRM [2012-05-13 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung [2010-09-09 21:35:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-04-17 07:19:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer [2012-05-14 21:50:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Temp [2011-06-14 23:55:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Thinstall [2012-04-02 23:20:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer [2012-06-18 19:42:09 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job [2012-06-18 19:40:50 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 64 bytes -> C:\Users\PC\Desktop\SNC02502.mp4:TOC.WMV < End of report > [/log] extras: [log]OTL Extras logfile created on: 2012-06-18 19:56:29 - Run 4 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 38,11% Memory free 8,21 Gb Paging File | 5,52 Gb Available in Paging File | 67,30% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,26 Gb Total Space | 78,27 Gb Free Space | 52,09% Space Free | Partition Type: NTFS Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = 63 A2 6C 66 0C 48 CB 01 [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3427946872-3053539125-2350841564-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [color=#E56717]========== Firewall Settings ==========[/color] [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CCleaner" = CCleaner "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.6.0 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Pen Tablet Driver" = Bamboo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4 "_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA "{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture "{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw "{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP "{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content "{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters "{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3 - Polish "{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BE686891-3C56-4714-AFEF-341A7867BA80}" = ASUS WiFi-AP Solo "{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{ED0FB0C1-CD06-4C29-B903-8A91D4BF5B61}_is1" = NexusFile (5.3.1.5460) "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "7-Zip" = 7-Zip 4.65 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Clownfish" = Clownfish for Skype "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "ESET Online Scanner" = ESET Online Scanner v3 "FileZilla Client" = FileZilla Client 3.5.0 "flashFONT" = flashFONT "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Host OpenAL (ADI)" = Host OpenAL (ADI) "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "ipla" = ipla 2.3.5 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.61.0.1400 "Mechanical Clock 3D Screensaver_is1" = Mechanical Clock 3D Screensaver 1.0 "Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "QuicktimeAlt_is1" = QuickTime Alternative 3.1.1 "RealAlt_is1" = Real Alternative 2.0.2 "SkanerOnline" = Skaner on-line mks_vir "TeamViewer 6" = TeamViewer 6 "TeamViewer 7" = TeamViewer 7 "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin "Winamp" = Winamp "WinLiveSuite" = Podstawowe programy Windows Live [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "MyFreeCodec" = MyFreeCodec "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-02-08 02:55:53 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2012-02-08 02:55:54 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2012-02-08 05:26:24 | Computer Name = PC-PC | Source = WinMgmt | ID = 10 Description = Error - 2012-02-08 05:55:15 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 16b4 Godzina rozpoczęcia: 01cce6468e63c29e Godzina zakończenia: 12 Error - 2012-02-08 06:00:10 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 14c8 Godzina rozpoczęcia: 01cce647c336991e Godzina zakończenia: 11 Error - 2012-02-08 06:05:22 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 1798 Godzina rozpoczęcia: 01cce6487ac5909e Godzina zakończenia: 15 Error - 2012-02-08 09:15:17 | Computer Name = PC-PC | Source = Application Hang | ID = 1002 Description = Program WINWORD.EXE w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 1e68 Godzina rozpoczęcia: 01cce6638867e7fe Godzina zakończenia: 15 Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk(1).exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest. Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest. Error - 2012-02-08 09:39:01 | Computer Name = PC-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 2011-02-16 16:35:21 | Computer Name = PC-PC | Source = Media Center Guide | ID = 0 Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.SqmFlushSession failed; Win32 GetLastError returned 0D Proces: DefaultDomain Nazwa obiektu: Media Center Guide [ System Events ] Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023 Description = Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023 Description = Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003 Description = Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000 Description = < End of report > [/log] Oby teraz czysto było
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 Skasuj ręcznie ten folder. C:\Windows\SysNative\%APPDATA% jest ukryty więc musisz właczyć pokazywanie ukrytych plików i folderów. Po usunieci zrób restart i sprawdź czy to bydle się pojawia. Jak coś to wejdź w awaryjny i powtórz operację usuwania. Tak poza tym czysto. Czekam na odpowiedź
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 (edytowane) Nie mogłem usunąć, ponieważ nie widzę/ nie mam tego katalogu SysNative. Ustawiłem pokazywanie ukrytych folderów, oraz pokazywanie folderów systemowych. Lookałem w zwykłym trybie, oraz podczas uruchomienia awaryjnego. Na potwierdzenie wrzucam zdj z folderu "Windows" [url="http://postimage.org/image/yxksglthn/"][img]http://s17.postimage.org/yxksglthn/20120618_205350.jpg[/img][/url]
Gość komentarz 18 czerwca 2012 komentarz 18 czerwca 2012 Uruchom Systemlook i w okno wklej [code]:folderfind C:\Windows\SysNative\%APPDATA%[/code] Kliknij w Look. Przedstaw raport
winbooy komentarz 18 czerwca 2012 Autor komentarz 18 czerwca 2012 Ok. wklejam raport: [log]SystemLook 30.07.11 by jpshortstuff Log created at 21:18 on 18/06/2012 by PC Administrator - Elevation successful ========== folderfind ========== Searching for "C:\Windows\SysNative\%APPDATA%" No folders found. -= EOF =-[/log]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.