Human utworzono 3 stycznia 2013 utworzono 3 stycznia 2013 Witajcie! Dziś wszedłem w jakiś link na fb który koleżanka wstawiła jako zdjęcie jakiejś osoby, jak się okazało ktoś się jej włamał na konto i to wstawił, gdy otworzyłem ten link avast! zaczął monitorować że znalazł wirusa itp i niby go usunął. Ale teraz nie działa mi w ogóle przeglądarka IE nie wyświetlają się reklamy ani nie działają pliki exe (np instalka Windows 8 Enteprise na 90 dni). [log]OTL logfile created on: 2013-01-03 19:40:59 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Olek\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,86 Gb Total Physical Memory | 3,30 Gb Available Physical Memory | 68,02% Memory free 5,35 Gb Paging File | 3,71 Gb Available in Paging File | 69,32% Paging File free Paging file location(s): c:\pagefile.sys 512 512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 447,66 Gb Total Space | 338,78 Gb Free Space | 75,68% Space Free | Partition Type: NTFS Drive E: | 2,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: OLEK-KOMPUTER | User Name: Olek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days========== Processes (All) ========== PRC - [2013-01-03 19:40:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olek\Downloads\OTL.exe PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-09-10 04:52:10 | 000,394,816 | ---- | M] (ZTE) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\BMController.exe PRC - [2012-09-10 03:03:42 | 000,070,512 | ---- | M] (ZTE) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\mcserver.exe PRC - [2012-09-10 03:03:40 | 000,221,552 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe PRC - [2012-09-10 03:03:40 | 000,037,232 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe PRC - [2011-07-01 09:51:14 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2011-07-01 09:51:14 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2011-07-01 09:51:12 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2011-07-01 09:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010-11-20 13:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe========== Modules (All) ========== MOD - [2013-01-03 19:40:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olek\Downloads\OTL.exe MOD - [2012-12-11 18:58:39 | 000,043,272 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\13010300\uiext.dll MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\libglesv2.dll MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\libegl.dll MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\icudt.dll MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\chrome.dll MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\avutil-51.dll MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\avformat-54.dll MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-10-30 23:51:26 | 000,242,056 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll MOD - [2012-10-30 23:51:26 | 000,095,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll MOD - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe MOD - [2012-10-30 23:50:53 | 000,236,888 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2012-10-30 23:50:51 | 006,439,048 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll MOD - [2012-10-30 23:50:47 | 000,476,360 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll MOD - [2012-10-30 23:50:47 | 000,027,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll MOD - [2012-10-30 23:50:44 | 000,220,944 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll MOD - [2012-10-30 23:50:44 | 000,217,848 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll MOD - [2012-10-30 23:50:44 | 000,126,160 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll MOD - [2012-10-30 23:50:44 | 000,051,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll MOD - [2012-10-30 23:50:41 | 002,162,488 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll MOD - [2012-10-30 23:50:41 | 000,682,384 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll MOD - [2012-10-30 23:50:41 | 000,347,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll MOD - [2012-10-30 23:50:41 | 000,191,568 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll MOD - [2012-10-30 23:50:41 | 000,191,080 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll MOD - [2012-10-30 23:50:41 | 000,099,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll MOD - [2012-10-30 23:50:38 | 000,153,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll MOD - [2012-10-30 23:50:38 | 000,061,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll MOD - [2012-10-30 23:50:36 | 000,441,352 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll MOD - [2012-10-30 23:50:30 | 000,368,752 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll MOD - [2012-10-30 23:50:30 | 000,120,504 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll MOD - [2012-10-27 11:47:36 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012-10-27 11:47:35 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012-10-27 11:47:35 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012-10-22 17:40:20 | 011,049,472 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumd32.dll MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2012-10-04 17:47:41 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2012-10-04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2012-09-10 04:52:10 | 000,394,816 | ---- | M] (ZTE) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\BMController.exe MOD - [2012-09-10 03:03:42 | 000,070,512 | ---- | M] (ZTE) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\mcserver.exe MOD - [2012-09-10 03:03:40 | 000,221,552 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe MOD - [2012-09-10 03:03:40 | 000,037,232 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe MOD - [2012-09-10 02:42:52 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\itapi.dll MOD - [2012-09-10 02:42:46 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\audio.dll MOD - [2012-09-10 02:42:38 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\coder.dll MOD - [2012-09-10 02:42:38 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libConfig.dll MOD - [2012-09-10 02:42:34 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\log.dll MOD - [2012-09-10 02:39:48 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libctlsvr.dll MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-08-24 17:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2012-08-24 17:57:37 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2012-08-24 17:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2012-07-17 14:49:00 | 000,145,648 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL MOD - [2012-07-04 22:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-06-06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2012-06-02 05:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2012-04-21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll MOD - [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012-01-13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-26 08:41:00 | 000,090,624 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\CaptureCrash.dll MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-11-27 05:57:00 | 000,203,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll MOD - [2011-11-15 02:28:52 | 001,147,392 | ---- | M] (The GLib developer community) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libglib-2.0-0-vs8.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-07-01 09:51:14 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe MOD - [2011-07-01 09:51:12 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe MOD - [2011-07-01 09:51:12 | 000,393,808 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\aipflib.dll MOD - [2011-06-30 14:01:04 | 000,431,696 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-05-06 04:03:32 | 000,594,944 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-1.dll MOD - [2011-05-06 04:03:18 | 000,196,096 | ---- | M] (The GLib developer community) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libgobject-2.0-0-vs8.dll MOD - [2011-05-06 04:03:14 | 000,031,232 | ---- | M] (The GLib developer community) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libgthread-2.0-0-vs8.dll MOD - [2011-05-06 04:02:40 | 000,341,504 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\sqlite3.dll MOD - [2011-03-14 18:44:40 | 000,075,856 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\NTKCUtl.dll MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2010-11-20 13:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 13:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2010-11-20 13:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 13:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-20 13:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 13:21:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 13:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll MOD - [2010-11-20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-20 13:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-20 13:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll MOD - [2010-11-20 13:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-20 13:19:33 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-20 13:19:01 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-20 13:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 13:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010-11-20 13:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 13:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 13:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010-11-20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 13:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 13:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 13:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-03 16:00:52 | 000,092,240 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LmSmbKel.dll MOD - [2010-10-14 10:37:54 | 000,892,928 | ---- | M] (Free Software Foundation) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\iconv.dll MOD - [2010-10-14 10:37:52 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libxml2.dll MOD - [2010-10-14 10:37:52 | 000,104,861 | ---- | M] (Free Software Foundation) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\intl.dll MOD - [2010-10-14 10:37:52 | 000,080,688 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\zlib1.dll MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll MOD - [2010-05-26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll MOD - [2010-01-29 09:47:30 | 000,129,024 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\BIOptimizationClient.dll MOD - [2010-01-29 09:45:10 | 000,160,768 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\BIXml.dll MOD - [2009-12-30 16:13:16 | 000,326,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\OSDUtl2.dll MOD - [2009-12-15 03:46:16 | 000,271,488 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\bmapi.dll MOD - [2009-07-27 17:43:46 | 000,068,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\PowerUtl.dll MOD - [2009-07-27 11:47:02 | 000,068,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\Wnd2File.dll MOD - [2009-07-27 11:42:16 | 000,062,472 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\MixerUtl.dll MOD - [2009-07-27 11:38:14 | 000,088,584 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\SzUPFUtl.dll MOD - [2009-07-20 14:12:12 | 000,137,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\ComFnUtl.dll MOD - [2009-07-14 13:53:32 | 000,128,008 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\CDRomUtl.dll MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll MOD - [2009-07-14 02:16:18 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winbrand.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll MOD - [2009-07-14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll MOD - [2009-07-14 02:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-07-14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm MOD - [2009-07-14 02:14:10 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msgsm32.acm MOD - [2009-07-14 02:14:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msadp32.acm MOD - [2009-07-14 02:14:10 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imaadp32.acm MOD - [2009-07-14 02:14:10 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msg711.acm MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009-07-03 15:29:46 | 000,147,464 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\VistaVol.DLL MOD - [2007-09-09 16:07:00 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libexpat.dll========== Services (SafeList) ========== SRV:64bit: - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2011-08-05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV:64bit: - [2011-08-05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm) SRV:64bit: - [2011-08-05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV:64bit: - [2010-12-10 14:53:34 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2010-10-29 09:22:12 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:64bit: - [2010-10-08 01:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012-12-14 11:08:50 | 002,466,304 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-22 17:40:30 | 000,277,024 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-01-04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011-11-27 05:57:00 | 002,253,120 | R--- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-07-01 09:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2011-02-18 07:20:54 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010-12-23 03:25:02 | 002,656,280 | R--- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010-12-23 03:24:58 | 000,325,656 | R--- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)========== Driver Services (SafeList) ========== DRV:64bit: - [2012-12-19 14:47:20 | 000,132,008 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012-10-22 17:40:12 | 005,332,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012-10-03 16:13:26 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012-10-02 19:20:50 | 004,720,704 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012-06-19 07:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011-11-27 05:57:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2011-08-10 11:56:46 | 000,079,872 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zte_cdc_acm.sys -- (zte_cdc_acm) DRV:64bit: - [2011-08-10 11:56:46 | 000,014,336 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zte_cpo.sys -- (zte_cpo) DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011-02-18 07:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011-01-20 17:15:30 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp) DRV:64bit: - [2011-01-20 17:15:28 | 000,067,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd) DRV:64bit: - [2011-01-19 19:28:26 | 000,052,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa) DRV:64bit: - [2011-01-13 17:22:24 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa) DRV:64bit: - [2010-12-10 15:05:02 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2010-12-10 15:04:52 | 000,349,224 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL) DRV:64bit: - [2010-12-01 21:36:04 | 000,411,688 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010-11-20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010-11-20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010-10-20 07:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010-10-08 01:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010-09-14 12:59:16 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010-09-14 12:59:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010-08-20 14:21:38 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2010-07-29 05:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009-12-15 03:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM) DRV:64bit: - [2009-12-15 03:46:30 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad) DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008-08-28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2007-03-19 19:58:00 | 000,047,616 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\st330.sys -- (ST330) DRV:64bit: - [2007-03-19 19:58:00 | 000,024,576 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stbus.sys -- (STBUS) DRV - [2009-12-15 03:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2009-12-15 03:46:30 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\BMLoad.sys -- (BMLoad) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)========== Standard Registry (SafeList) ==================== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3158789062-2903800707-1830128079-1000\..\SearchScopes,DefaultScope = {A1C37E04-53D4-4C39-B4BC-501204DF42CE} IE - HKU\S-1-5-21-3158789062-2903800707-1830128079-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3158789062-2903800707-1830128079-1000\..\SearchScopes\{A1C37E04-53D4-4C39-B4BC-501204DF42CE}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms} IE - HKU\S-1-5-21-3158789062-2903800707-1830128079-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Olek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Olek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-09 13:07:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon [2010-04-01 13:29:34 | 000,000,000 | ---D | M] [2012-11-10 15:20:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olek\AppData\Roaming\mozilla\Extensions========== Chrome ========== CHR - homepage: http://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Olek\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Olek\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Users\Olek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Users\Olek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Szukaj w Google = C:\Users\Olek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Gmail = C:\Users\Olek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3158789062-2903800707-1830128079-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BFDDF2B-7038-45FE-9578-9D9E444AA7E3}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD2442C2-6473-48B7-8205-7A124D9F2467}: NameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB357858-2341-481D-84FC-1F9468EEF687}: DhcpNameServer = 192.168.42.129 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [1974-07-25 01:00:00 | 000,000,000 | ---- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{585ceb98-1eb3-11e2-9104-b870f4e60d6a}\Shell - "" = AutoRun O33 - MountPoints2\{585ceb98-1eb3-11e2-9104-b870f4e60d6a}\Shell\AutoRun\command - "" = F:\Startme.exe O33 - MountPoints2\{d315c053-396e-11e2-98a9-b870f4e60d6a}\Shell - "" = AutoRun O33 - MountPoints2\{d315c053-396e-11e2-98a9-b870f4e60d6a}\Shell\AutoRun\command - "" = F:\windows\Install\Install.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.) MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig:64bit - StartUpReg: Dolby Advanced Audio v2 - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Olek\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig:64bit - StartUpReg: IAStorIcon - hkey= - key= - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MsConfig:64bit - StartUpReg: NSU_agent - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Steam - hkey= - key= - File not found MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - StartUpReg: Zune Launcher - hkey= - key= - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) MsConfig:64bit - State: "bootini" - Reg Error: Key error. MsConfig:64bit - State: "services" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices========== Files/Folders - Created Within 60 Days ========== [2013-01-03 19:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2012-12-28 13:53:12 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys [2012-12-28 13:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution [2012-12-28 13:26:17 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Local\Symbian-Toys.com [2012-12-28 12:20:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia [2012-12-28 12:18:13 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Roaming\Nokia [2012-12-28 12:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia [2012-12-28 12:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia [2012-12-28 12:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia [2012-12-27 23:08:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2012-12-27 23:08:18 | 000,000,000 | R--D | C] -- C:\Users\Olek\Podcasts [2012-12-27 23:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune [2012-12-27 23:07:10 | 000,000,000 | ---D | C] -- C:\Program Files\Zune [2012-12-24 12:55:18 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Local\LogMeIn Hamachi [2012-12-24 12:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012-12-24 12:54:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2012-12-15 11:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-12-15 11:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012-12-15 11:59:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012-12-09 20:09:55 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Roaming\OpenOffice.org [2012-12-09 20:06:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2012-12-08 19:51:23 | 000,000,000 | ---D | C] -- C:\Users\Olek\Desktop\Dysk wymienny [2012-12-02 13:01:31 | 000,020,992 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012-12-02 13:01:26 | 000,017,920 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012-12-02 12:49:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games [2012-12-02 12:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES [2012-12-02 12:47:25 | 000,000,000 | ---D | C] -- C:\Users\Olek\Documents\EA Games [2012-12-02 12:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA GAMES [2012-12-02 12:43:36 | 000,442,368 | R--- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll [2012-12-01 18:19:47 | 000,000,000 | ---D | C] -- C:\Windows\pl [2012-12-01 18:19:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012-12-01 18:19:02 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-12-01 18:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2012-12-01 18:18:00 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Local\Windows Live [2012-12-01 18:17:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2012-12-01 18:16:21 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Local\WMTools Downloaded Files [2012-12-01 16:17:30 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Roaming\Audacity [2012-11-30 15:03:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2012-11-30 14:59:54 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Roaming\HD Tune Pro [2012-11-28 16:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Service [2012-11-28 16:22:10 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Roaming\InternetManager_Z [2012-11-28 16:20:27 | 000,480,384 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysWow64\bmnet.dll [2012-11-28 16:20:27 | 000,480,384 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\bmnet.dll [2012-11-28 16:20:27 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysWow64\bminstall.dll [2012-11-28 16:20:27 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\bminstall.dll [2012-11-28 16:20:27 | 000,271,488 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysWow64\bmapi.dll [2012-11-28 16:20:27 | 000,271,488 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\bmapi.dll [2012-11-28 16:20:27 | 000,132,224 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysWow64\bmdumpd.bin [2012-11-28 16:20:27 | 000,132,224 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\bmdumpd.bin [2012-11-28 16:20:27 | 000,039,552 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysWow64\drivers\tcpipBM.sys [2012-11-28 16:20:27 | 000,039,552 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\drivers\tcpipBM.sys [2012-11-28 16:20:27 | 000,016,512 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysWow64\drivers\BMLoad.sys [2012-11-28 16:20:27 | 000,016,512 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\drivers\BMLoad.sys [2012-11-28 16:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager [2012-11-28 16:20:18 | 000,079,872 | ---- | C] (ZTE) -- C:\Windows\SysNative\drivers\zte_cdc_acm.sys [2012-11-28 16:20:18 | 000,014,336 | ---- | C] (ZTE) -- C:\Windows\SysNative\drivers\zte_cpo.sys [2012-11-28 16:20:13 | 000,013,824 | ---- | C] (ZTE) -- C:\Windows\SysNative\zte_CPOCoinstaller.dll [2012-11-28 16:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\T-Mobile [2012-11-24 08:33:23 | 000,000,000 | ---D | C] -- C:\Users\Olek\.gstreamer-0.10 [2012-11-24 08:33:20 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Local\ChomikBox [2012-11-23 17:45:24 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Roaming\BANDISOFT [2012-11-23 17:44:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1 [2012-11-21 21:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012-11-19 17:16:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-11-19 17:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-11-17 13:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite [2012-11-17 13:22:06 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Roaming\PC Suite [2012-11-17 13:18:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012-11-17 13:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2012-11-17 13:18:32 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll [2012-11-17 13:18:07 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Local\Nokia [2012-11-17 13:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations [2012-11-12 20:02:32 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2012-11-10 15:20:07 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Roaming\Mozilla [2012-11-09 21:18:43 | 000,000,000 | ---D | C] -- C:\Users\Olek\Documents\Virtual Machines [2012-11-09 21:17:15 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Local\VMware [2012-11-09 21:16:48 | 000,000,000 | ---D | C] -- C:\Users\Olek\AppData\Roaming\VMware [2012-11-09 21:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware [2012-11-07 19:54:20 | 000,047,616 | ---- | C] (THOMSON Telecom Belgium) -- C:\Windows\SysNative\drivers\st330.sys [2012-11-07 19:54:20 | 000,031,232 | ---- | C] (THOMSON Telecom Belgium) -- C:\Windows\SysNative\drivers\lpwdm.sys [2012-11-07 19:54:20 | 000,024,576 | ---- | C] (THOMSON Telecom Belgium) -- C:\Windows\SysNative\drivers\stbus.sys========== Files - Modified Within 60 Days ========== [2013-01-03 19:10:08 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-01-03 19:10:08 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-01-03 18:58:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3158789062-2903800707-1830128079-1000UA.job [2013-01-03 14:20:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-01-03 14:20:18 | 3910,029,312 | -HS- | M] () -- C:\hiberfil.sys [2013-01-02 20:58:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3158789062-2903800707-1830128079-1000Core.job [2012-12-30 18:21:08 | 001,663,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-12-30 18:21:08 | 000,738,192 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-12-30 18:21:08 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-12-30 18:21:08 | 000,154,848 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-12-30 18:21:08 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-12-29 18:52:19 | 000,317,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-12-28 16:50:51 | 001,638,822 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-12-27 23:10:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf [2012-12-27 23:10:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf [2012-12-27 23:07:12 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\Zune.lnk [2012-12-15 12:00:23 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2012-12-13 20:01:22 | 000,002,444 | ---- | M] () -- C:\Users\Olek\Desktop\Google Chrome.lnk [2012-12-09 21:13:23 | 000,622,756 | ---- | M] () -- C:\Users\Olek\Documents\Aleksander Drążkowski ITI (5).odt [2012-12-09 15:52:47 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml [2012-12-09 15:52:47 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml [2012-12-02 13:03:22 | 000,015,832 | ---- | M] () -- C:\Windows\SysNative\results.xml [2012-11-30 15:21:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-11-28 16:21:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_zte_cdc_acm_01009.Wdf [2012-11-28 16:20:31 | 000,001,315 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\mcserver.lnk [2012-11-28 16:20:27 | 000,000,519 | ---- | M] () -- C:\Windows\SysWow64\bocinstall.ini [2012-11-28 16:20:27 | 000,000,519 | ---- | M] () -- C:\Windows\SysNative\bocinstall.ini [2012-11-28 16:19:54 | 000,000,118 | ---- | M] () -- C:\Windows\SysWow64\SupportApp.bat [2012-11-17 13:23:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf [2012-11-11 16:26:13 | 000,001,934 | ---- | M] () -- C:\Users\Olek\Desktop\Minecraft.lnk [2012-11-05 16:48:58 | 000,007,667 | ---- | M] () -- C:\Users\Olek\AppData\Local\Resmon.ResmonCfg========== Files Created - No Company Name ========== [2012-12-27 23:10:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf [2012-12-27 23:10:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf [2012-12-27 23:07:12 | 000,000,927 | ---- | C] () -- C:\Users\Public\Desktop\Zune.lnk [2012-12-20 19:37:37 | 000,001,315 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\mcserver.lnk [2012-12-15 12:00:23 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2012-12-09 20:40:32 | 000,622,756 | ---- | C] () -- C:\Users\Olek\Documents\Aleksander Drążkowski ITI (5).odt [2012-12-01 18:19:37 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [2012-12-01 18:19:33 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [2012-11-29 19:37:54 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml [2012-11-29 19:37:54 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml [2012-11-28 16:21:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_zte_cdc_acm_01009.Wdf [2012-11-28 16:20:27 | 000,193,664 | ---- | C] () -- C:\Windows\SysWow64\bmsdk.exe [2012-11-28 16:20:27 | 000,193,664 | ---- | C] () -- C:\Windows\SysNative\bmsdk.exe [2012-11-28 16:20:27 | 000,002,960 | ---- | C] () -- C:\Windows\SysWow64\boc.ini [2012-11-28 16:20:27 | 000,002,960 | ---- | C] () -- C:\Windows\SysNative\boc.ini [2012-11-28 16:20:27 | 000,000,519 | ---- | C] () -- C:\Windows\SysWow64\bocinstall.ini [2012-11-28 16:20:27 | 000,000,519 | ---- | C] () -- C:\Windows\SysNative\bocinstall.ini [2012-11-28 16:19:54 | 000,000,118 | ---- | C] () -- C:\Windows\SysWow64\SupportApp.bat [2012-11-22 15:18:48 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012-11-22 15:18:48 | 000,216,876 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin [2012-11-17 13:23:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf [2012-11-14 18:52:41 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012-11-14 18:47:16 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012-11-11 16:25:09 | 000,001,934 | ---- | C] () -- C:\Users\Olek\Desktop\Minecraft.lnk [2012-11-11 16:24:58 | 000,148,689 | ---- | C] () -- C:\Users\Olek\Documents\MinecraftLauncher.jar [2012-11-11 16:24:58 | 000,000,041 | ---- | C] () -- C:\Users\Olek\Documents\run.bat [2012-11-09 21:15:34 | 001,638,822 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-10-22 17:40:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012-10-22 17:40:04 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012-10-22 17:40:00 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012-10-02 21:02:09 | 000,007,667 | ---- | C] () -- C:\Users\Olek\AppData\Local\Resmon.ResmonCfg [2012-10-02 19:28:25 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012-10-02 19:28:25 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2012-03-12 18:27:32 | 000,072,192 | R--- | C] () -- C:\Windows\SysWow64\changeAcl.exe========== ZeroAccess Check ========== [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]========== LOP Check ========== [2012-12-25 14:55:10 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\.minecraft [2012-12-01 20:53:49 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\Audacity [2012-11-23 17:45:24 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\BANDISOFT [2012-10-03 16:16:00 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\DAEMON Tools Lite [2013-01-02 16:39:30 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\GG [2012-11-30 14:59:54 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\HD Tune Pro [2012-11-28 16:22:10 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\InternetManager_Z [2012-11-19 17:06:19 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\LG Electronics [2012-10-04 18:33:37 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\LolClient [2012-12-28 12:18:13 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\Nokia [2012-12-09 20:09:55 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\OpenOffice.org [2012-10-21 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\Opera [2012-11-17 13:22:06 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\PC Suite [2012-10-20 17:06:46 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\TeamViewer [2012-10-05 19:01:22 | 000,000,000 | ---D | M] -- C:\Users\Olek\AppData\Roaming\wargaming.net========== Purity Check ==================== Custom Scans ==========< %systemdrive%\*.* > [2013-01-03 14:20:18 | 3910,029,312 | -HS- | M] () -- C:\hiberfil.sys [2013-01-03 14:20:24 | 536,870,912 | -HS- | M] () -- C:\pagefile.sys< MD5 for: AGP440.SYS > [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys< MD5 for: ATAPI.SYS > [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys< MD5 for: BEEP.SYS > [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys< MD5 for: CDROM.SYS > [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys< MD5 for: NDIS.SYS > [2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys [2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys< MD5 for: WINLOGON.EXE > [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < End of report > [/log ] [log ]OTL Extras logfile created on: 2013-01-03 19:40:59 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Olek\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,86 Gb Total Physical Memory | 3,30 Gb Available Physical Memory | 68,02% Memory free 5,35 Gb Paging File | 3,71 Gb Available in Paging File | 69,32% Paging File free Paging file location(s): c:\pagefile.sys 512 512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 447,66 Gb Total Space | 338,78 Gb Free Space | 75,68% Space Free | Partition Type: NTFS Drive E: | 2,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: OLEK-KOMPUTER | User Name: Olek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days========== Extra Registry (SafeList) ==================== File Associations ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)========== Shell Spawning ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)========== Security Center Settings ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 164bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 064bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1========== Authorized Applications List ==================== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{79CD1FB6-75A2-4786-8F25-40BFCD86436E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{917301A5-3AE4-48CA-BF33-003F2FD5A75D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1434839C-2BCF-480A-8AB3-B02DE3C56E83}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{276AF6A9-99AB-4D89-B243-ABD3AE9C9BD2}" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater for retail\nsuforretail.exe | "{2A2BD352-67AB-4444-8B6D-300FAFB26C38}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{3C8A5BE9-53D6-47FA-88FC-0E0E99CC0417}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuse.exe | "{4380527B-C9E6-4C0E-A1BC-FBE1078C016B}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{498690FF-3A88-44D3-8212-6F689EDF9681}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{60EC1C33-E8E9-46B4-A235-2B6B4FB4F4C9}" = protocol=6 | dir=in | app=c:\users\olek\downloads\utorrentportable\app\utorrent\utorrent.exe | "{6D67FCFE-80E7-47E8-8E7E-040E79454EA7}" = protocol=17 | dir=in | app=c:\users\olek\downloads\utorrentportable\app\utorrent\utorrent.exe | "{722F0180-2ABA-4145-A91B-B4B1B191DF5F}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{76AC9E12-5820-43B0-8E30-927E03BE471C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{7DF1DA98-6050-4DD2-81EF-7E7D25F4D0D1}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "{802574A0-4228-492C-94FF-CC6F59EDB840}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{997D3329-436D-4A0F-B045-1F7222535BD1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuseservice.exe | "{9CD7F18F-35CA-4B0B-8DEA-7B30D617DFE4}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuseservice.exe | "{BBD6FB76-98EC-446B-80F7-E00EC4B5C55C}" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater for retail\nsuforretail.exe | "{C911860D-EA9E-4132-BCD5-07F19D3C1633}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{C9A17B7C-7832-4CEF-92E9-1786F191776D}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | "{D263B30F-5332-4DE3-AF80-E9C9EF0425FC}" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe | "{DCAEBFCA-8F53-4F46-8BA2-AA3B70D7128C}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuse.exe | "{F6311A13-2F45-459C-8444-D085807B430A}" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe | "TCP Query User{0638CE63-E5EE-42D2-A257-CAC6B116E984}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | "TCP Query User{073C7764-D69D-45D9-963C-476888D3205D}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "TCP Query User{24842BB3-EFA0-40FD-9527-428E625CA9B3}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | "TCP Query User{61723D84-441B-4AF4-86F7-80BC25E5A01D}C:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe | "TCP Query User{66186028-D16C-43C9-842B-D8B223C0CCAB}C:\program files (x86)\nokia\nokia software updater for retail\nsuforretail.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater for retail\nsuforretail.exe | "TCP Query User{7B293EB4-BA43-4965-A6D3-9D16E42A7E2F}C:\users\olek\downloads\utorrentportable\app\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\olek\downloads\utorrentportable\app\utorrent\utorrent.exe | "TCP Query User{968CBFD3-4448-40BC-A82B-469568C7083E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{BBCA44D2-11DD-42F5-B7E0-E9039D41EA52}C:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe | "TCP Query User{D528FE53-FC2B-4981-9A89-ED48996139AE}C:\program files (x86)\common files\nokia\fuse\fuse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuse.exe | "TCP Query User{D70CFCC5-A509-4AFE-9DA8-AA18E5497F39}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "TCP Query User{E51BB700-C8B9-4309-B36B-A3AD458B0232}C:\program files (x86)\steam\steamapps\veadil\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\veadil\team fortress 2\hl2.exe | "TCP Query User{F3E1962E-6357-4B46-9D87-FF925D248913}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuseservice.exe | "UDP Query User{0AB6BBA0-D700-48F7-95C6-2046C9EF5677}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | "UDP Query User{4B680EEE-2B07-4C87-B77C-DF2D18E79CBE}C:\program files (x86)\common files\nokia\fuse\fuse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuse.exe | "UDP Query User{5141C8E4-7FE0-4545-869F-81E1F8072B72}C:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe | "UDP Query User{55CF5733-C658-4594-9BC8-675681B0A443}C:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe | "UDP Query User{5BF51880-B9FB-4508-8E16-BCA25455663E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{6134F8AB-8765-43E2-A19B-9F9E3281DCB3}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\fuse\fuseservice.exe | "UDP Query User{79848761-519F-4CBF-AADC-5723FAB7EF17}C:\program files (x86)\steam\steamapps\veadil\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\veadil\team fortress 2\hl2.exe | "UDP Query User{CEC21F96-5A42-4372-A97B-8F5958040E4F}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | "UDP Query User{DCD10927-38DE-4A5E-9203-7EB9EA6EF889}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | "UDP Query User{E09FAAE8-0072-48EF-A3E5-4B4BB45965B0}C:\program files (x86)\nokia\nokia software updater for retail\nsuforretail.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater for retail\nsuforretail.exe | "UDP Query User{E1A91B89-2387-4CE0-9D30-14E37CC4E009}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{EAD0EBA7-8BCB-4FCF-9DED-F746C8CEAFD8}C:\users\olek\downloads\utorrentportable\app\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\olek\downloads\utorrentportable\app\utorrent\utorrent.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{029A4933-3F36-4E4F-AEC3-2207AB26463D}" = Broadcom Gigabit NetLink Controller "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB) "{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit) "{27D28586-BEF1-4E06-8787-3B1FC3A41489}" = Internet Manager "{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS) "{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL) "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software "{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR) "{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS) "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG) "{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD) "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP) "{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE) "{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL) "{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK) "{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN) "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT) "{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}" = Oracle VM VirtualBox 4.2.6 "{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN) "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0 "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU) "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA) "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA) "{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN) "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN) "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter "Defraggler" = Defraggler "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 4.20 (64-bitowy) "Zune" = Zune [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{06904B2B-5000-4C58-9471-256BA1A303BE}" = Fuse Drivers x64 "{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker "{2CB780E9-C958-4DD7-8763-086EE3615E6E}" = Nokia Software Updater for Retail "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8B531332-0D5D-4B3B-A22C-8330DEA695A7}" = LogMeIn Hamachi "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution "{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live "{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "avast" = avast! Free Antivirus "DAEMON Tools Lite" = DAEMON Tools Lite "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "LManager" = Launch Manager "LogMeIn Hamachi" = LogMeIn Hamachi "Q3E Minimizer_is1" = Q3E Minimizer v1.51 "WinLiveSuite" = Podstawowe programy Windows Live========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3158789062-2903800707-1830128079-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "Google Chrome" = Google Chrome========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2012-12-28 07:22:15 | Computer Name = Olek-Komputer | Source = MsiInstaller | ID = 11303 Description = Error - 2012-12-28 07:22:16 | Computer Name = Olek-Komputer | Source = MsiInstaller | ID = 11925 Description = Error - 2012-12-28 09:02:57 | Computer Name = Olek-Komputer | Source = MsiInstaller | ID = 11500 Description = Error - 2012-12-28 09:05:31 | Computer Name = Olek-Komputer | Source = MsiInstaller | ID = 11500 Description = Error - 2012-12-28 09:23:52 | Computer Name = Olek-Komputer | Source = ZuneDriver | ID = 80837 Description = Error - 2012-12-28 09:24:36 | Computer Name = Olek-Komputer | Source = ZuneDriver | ID = 80837 Description = Error - 2012-12-28 09:25:07 | Computer Name = Olek-Komputer | Source = ZuneDriver | ID = 80837 Description = Error - 2012-12-28 09:26:27 | Computer Name = Olek-Komputer | Source = ZuneDriver | ID = 80837 Description = Error - 2012-12-28 09:27:19 | Computer Name = Olek-Komputer | Source = ZuneDriver | ID = 80837 Description = Error - 2013-01-01 13:09:54 | Computer Name = Olek-Komputer | Source = Application Hang | ID = 1002 Description = Program biclient.exe w wersji 1.0.0.1 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: cb0 Godzina rozpoczęcia: 01cde842b18faad4 Godzina zakończenia: 3 Ścieżka aplikacji: C:\Users\Olek\AppData\Local\Temp\biclient.exe Identyfikator raportu: [ System Events ] Error - 2012-12-28 08:53:09 | Computer Name = Olek-Komputer | Source = Service Control Manager | ID = 7030 Description = Usługa ServiceLayer jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2012-12-28 15:25:16 | Computer Name = Olek-Komputer | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi lmhosts. Error - 2012-12-28 15:28:36 | Computer Name = Olek-Komputer | Source = Server | ID = 2505 Description = Serwer nie mógł utworzyć powiązania do transportu \Device\NetBT_Tcpip_{C51C7EB8-1624-4F2D-8124-947966AECE00}, ponieważ inny komputer w sieci ma tę samą nazwę. Nie można uruchomić serwera. Error - 2012-12-29 13:55:19 | Computer Name = Olek-Komputer | Source = Server | ID = 2505 Description = Serwer nie mógł utworzyć powiązania do transportu \Device\NetBT_Tcpip_{C51C7EB8-1624-4F2D-8124-947966AECE00}, ponieważ inny komputer w sieci ma tę samą nazwę. Nie można uruchomić serwera. Error - 2012-12-30 12:14:35 | Computer Name = Olek-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR3. Error - 2012-12-30 12:14:35 | Computer Name = Olek-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR3. Error - 2012-12-30 12:14:37 | Computer Name = Olek-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR3. Error - 2013-01-01 07:29:47 | Computer Name = Olek-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 02:01:11 na ?2013-?01-?01 było nieoczekiwane. Error - 2013-01-02 11:39:24 | Computer Name = Olek-Komputer | Source = Server | ID = 2505 Description = Serwer nie mógł utworzyć powiązania do transportu \Device\NetBT_Tcpip_{C51C7EB8-1624-4F2D-8124-947966AECE00}, ponieważ inny komputer w sieci ma tę samą nazwę. Nie można uruchomić serwera. Error - 2013-01-02 15:19:30 | Computer Name = Olek-Komputer | Source = Server | ID = 2505 Description = Serwer nie mógł utworzyć powiązania do transportu \Device\NetBT_Tcpip_{C51C7EB8-1624-4F2D-8124-947966AECE00}, ponieważ inny komputer w sieci ma tę samą nazwę. Nie można uruchomić serwera. < End of report > [/log ] [log]info.txt logfile of random's system information tool 1.09 2013-01-03 19:53:17 ======Uninstall list====== Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall Acer ePower Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x0015 -removeonly Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe -maintain activex avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE} Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640} D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe Fuse Drivers x64-->MsiExec.exe /I{06904B2B-5000-4C58-9471-256BA1A303BE} Galeria fotografii-->MsiExec.exe /X{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8} Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall Java 7 Update 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF} Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0415 -removeonly LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {8B531332-0D5D-4B3B-A22C-8330DEA695A7} REMOVE=ALL LogMeIn Hamachi-->MsiExec.exe /I{8B531332-0D5D-4B3B-A22C-8330DEA695A7} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E} Movie Maker-->MsiExec.exe /X{2A078A2B-E2C8-43A3-862C-DC57090AB7C2} Movie Maker-->MsiExec.exe /X{ED6C77F9-4D7E-447C-9EC0-9A212D075535} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94} Nokia Connectivity Cable Driver-->MsiExec.exe /I{0906982B-A432-4C06-8F01-C01BE1143779} Nokia Software Updater for Retail-->MsiExec.exe /X{2CB780E9-C958-4DD7-8763-086EE3615E6E} PC Connectivity Solution-->MsiExec.exe /I{A2AA4204-C05A-4013-888A-AD153139297F} Photo Common-->MsiExec.exe /X{AA82E5EF-70C2-41CB-8432-309078304CBB} Photo Gallery-->MsiExec.exe /X{30F99474-EBE3-4134-A02B-F6CD38CFE243} Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545} Q3E Minimizer v1.51-->"C:\Program Files (x86)\Q3E Minimizer v1.51\unins000.exe" Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053} Star Wars Jedi Knight Jedi Academy-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}\Setup.exe" -l0x9 The Sims 2-->C:\Program Files (x86)\EA GAMES\The Sims 2\EAUninstall.exe Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended Windows Live Communications Platform-->MsiExec.exe /I{0454BB9A-2A7A-4214-BDFF-937F7A711A44} Windows Live Installer-->MsiExec.exe /I{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC} Windows Live Photo Common-->MsiExec.exe /X{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72} Windows Live PIMT Platform-->MsiExec.exe /I{6A8DB215-7BCD-4377-B015-2E4541A3E7C6} Windows Live SOXE Definitions-->MsiExec.exe /I{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214} Windows Live SOXE-->MsiExec.exe /I{FE7C0B3D-50B9-4951-BE78-A321CBF86552} Windows Live UX Platform Language Pack-->MsiExec.exe /I{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162} Windows Live UX Platform-->MsiExec.exe /I{4CCBD1F4-CEEC-452A-9CB8-46564B501315} ======System event log====== Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Cryptographic Services weszła w stan stopped. Record Number: 5 Source Name: Service Control Manager Time Written: 20090714051424.262212-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Windows Modules Installer weszła w stan stopped. Record Number: 4 Source Name: Service Control Manager Time Written: 20090714051424.168612-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Software Protection weszła w stan stopped. Record Number: 3 Source Name: Service Control Manager Time Written: 20090714051424.059412-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Windows Event Log weszła w stan stopped. Record Number: 2 Source Name: Service Control Manager Time Written: 20090714051424.012612-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Volume Shadow Copy weszła w stan stopped. Record Number: 1 Source Name: Service Control Manager Time Written: 20090714051423.934612-000 Event Type: Informacje User: =====Application event log===== Computer Name: Olek-Komputer Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 1219376 Source Name: NVIDIA OpenGL Driver Time Written: 20121006153647.000000-000 Event Type: Ostrzeżenia User: Computer Name: Olek-Komputer Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 1219375 Source Name: NVIDIA OpenGL Driver Time Written: 20121006153647.000000-000 Event Type: Ostrzeżenia User: Computer Name: Olek-Komputer Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 1219374 Source Name: NVIDIA OpenGL Driver Time Written: 20121006153647.000000-000 Event Type: Ostrzeżenia User: Computer Name: Olek-Komputer Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 1219373 Source Name: NVIDIA OpenGL Driver Time Written: 20121006153647.000000-000 Event Type: Ostrzeżenia User: Computer Name: Olek-Komputer Event Code: 2 Message: The NVIDIA OpenGL driver has encountered an out of memory error. This application might behave inconsistently and fail. Record Number: 1219372 Source Name: NVIDIA OpenGL Driver Time Written: 20121006153647.000000-000 Event Type: Ostrzeżenia User: =====Security event log===== Computer Name: 37L4247E29-32 Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121002175531.990062-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247E29-32$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x1d0 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121002175531.990062-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4902 Message: Utworzono tabelę zasad inspekcji użytkownika. Liczba elementów: 0 Identyfikator zasad: 0x2f6a5 Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121002175524.065248-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-0-0 Nazwa konta: - Domena konta: - Identyfikator logowania: 0x0 Typ logowania: 0 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x4 Nazwa procesu: Informacje o sieci: Nazwa stacji roboczej: - Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: - Pakiet uwierzytelniania: - Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121002175522.318045-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4608 Message: Trwa uruchamianie systemu Windows. To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121002175522.115245-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=2a07 "VBOX_INSTALL_PATH"=C:\Program Files\Oracle\VirtualBox\ -----------------EOF----------------- [/log] [log]Logfile of random's system information tool 1.09 (written by random/random) Run by Olek at 2013-01-03 19:53:11 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 347 GB (76%) free of 458 GB Total RAM: 4972 MB (59% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:53:16, on 2013-01-03 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\mcserver.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\BMController.exe C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Olek\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Olek\Downloads\RSIT (1).exe C:\Program Files (x86)\trend micro\Olek.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Pomocnik logowania za pomocą konta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Global Startup: mcserver.lnk = C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\mcserver.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{BD2442C2-6473-48B7-8205-7A124D9F2467}: NameServer = 192.168.1.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8599 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3158789062-2903800707-1830128079-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3158789062-2903800707-1830128079-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-03 449512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik logowania za pomocą konta Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-03 157672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup mcserver.lnk - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\mcserver.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "VIDC.FPS1"=frapsvid.dll "vidc.VP60"=C:\Windows\system32\vp6vfw.dll "vidc.VP61"=C:\Windows\system32\vp6vfw.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-01-03 19:53:11 ----D---- C:\rsit 2013-01-03 19:53:11 ----D---- C:\Program Files (x86)\trend micro 2012-12-28 13:53:07 ----D---- C:\Program Files (x86)\PC Connectivity Solution 2012-12-28 12:22:38 ----A---- C:\ProgramData\SystemInformation.txt 2012-12-28 12:20:47 ----D---- C:\Program Files (x86)\Common Files\Nokia 2012-12-28 12:18:13 ----D---- C:\Users\Olek\AppData\Roaming\Nokia 2012-12-28 12:18:13 ----D---- C:\ProgramData\Nokia 2012-12-28 12:18:13 ----D---- C:\Program Files (x86)\Nokia 2012-12-24 12:54:56 ----D---- C:\Program Files (x86)\LogMeIn Hamachi 2012-12-22 20:53:37 ----A---- C:\Windows\SysWOW64\atmlib.dll 2012-12-22 20:53:36 ----A---- C:\Windows\SysWOW64\atmfd.dll 2012-12-15 12:00:23 ----A---- C:\Windows\ODBC.INI 2012-12-15 11:59:46 ----D---- C:\Program Files (x86)\Common Files\DESIGNER 2012-12-15 11:59:40 ----D---- C:\Program Files (x86)\Microsoft Office 2012-12-13 19:41:17 ----A---- C:\Windows\SysWOW64\vbscript.dll 2012-12-13 19:41:17 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2012-12-13 19:41:17 ----A---- C:\Windows\SysWOW64\ieUnatt.exe 2012-12-13 19:41:17 ----A---- C:\Windows\SysWOW64\ieui.dll 2012-12-13 19:41:16 ----A---- C:\Windows\SysWOW64\urlmon.dll 2012-12-13 19:41:16 ----A---- C:\Windows\SysWOW64\url.dll 2012-12-13 19:41:15 ----A---- C:\Windows\SysWOW64\wininet.dll 2012-12-13 19:41:15 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2012-12-13 19:41:14 ----A---- C:\Windows\SysWOW64\jscript9.dll 2012-12-13 19:41:14 ----A---- C:\Windows\SysWOW64\jscript.dll 2012-12-13 19:41:13 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2012-12-13 19:41:13 ----A---- C:\Windows\SysWOW64\iertutil.dll 2012-12-13 19:41:12 ----A---- C:\Windows\SysWOW64\mshtml.dll 2012-12-13 19:41:09 ----A---- C:\Windows\SysWOW64\ieframe.dll 2012-12-13 19:40:49 ----A---- C:\Windows\SysWOW64\KernelBase.dll 2012-12-13 19:40:49 ----A---- C:\Windows\SysWOW64\kernel32.dll 2012-12-13 19:40:48 ----A---- C:\Windows\SysWOW64\setup16.exe 2012-12-13 19:40:46 ----A---- C:\Windows\SysWOW64\wow32.dll 2012-12-13 19:40:46 ----A---- C:\Windows\SysWOW64\ntvdm64.dll 2012-12-13 19:40:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-12-13 19:40:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2012-12-13 19:40:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2012-12-13 19:40:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2012-12-13 19:40:44 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2012-12-13 19:40:44 ----A---- C:\Windows\SysWOW64\instnm.exe 2012-12-13 19:40:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-12-13 19:40:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2012-12-13 19:40:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-12-13 19:40:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-12-13 19:40:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2012-12-13 19:40:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2012-12-13 19:40:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2012-12-13 19:40:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-12-13 19:40:43 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2012-12-13 19:40:42 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2012-12-13 19:40:42 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2012-12-13 19:40:42 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2012-12-13 19:40:42 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2012-12-13 19:40:42 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2012-12-13 19:40:42 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2012-12-13 19:40:42 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2012-12-13 19:40:41 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2012-12-13 19:40:41 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2012-12-13 19:40:41 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2012-12-13 19:40:41 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2012-12-13 19:40:41 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2012-12-13 19:40:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2012-12-13 19:40:38 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2012-12-13 19:40:37 ----A---- C:\Windows\SysWOW64\user.exe 2012-12-13 19:40:22 ----A---- C:\Windows\SysWOW64\tzres.dll 2012-12-13 19:40:16 ----A---- C:\Windows\SysWOW64\dpnet.dll 2012-12-09 20:09:55 ----D---- C:\Users\Olek\AppData\Roaming\OpenOffice.org 2012-12-09 20:06:21 ----D---- C:\Program Files (x86)\OpenOffice.org 3 2012-12-07 17:52:41 ----ASH---- C:\pagefile.sys ======List of files/folders modified in the last 1 month====== 2013-01-03 19:53:16 ----D---- C:\Windows\Prefetch 2013-01-03 19:53:11 ----RD---- C:\Program Files (x86) 2013-01-03 19:36:38 ----SHD---- C:\Windows\Installer 2013-01-03 19:36:30 ----SHD---- C:\Config.Msi 2013-01-03 19:36:26 ----D---- C:\Windows\Temp 2013-01-03 19:36:25 ----D---- C:\Windows\inf 2013-01-03 19:36:19 ----D---- C:\Windows\System32 2013-01-02 18:51:45 ----D---- C:\Users\Olek\AppData\Roaming\Skype 2013-01-02 16:39:30 ----D---- C:\Users\Olek\AppData\Roaming\GG 2012-12-29 21:15:24 ----RSD---- C:\Windows\assembly 2012-12-29 21:15:24 ----D---- C:\Windows\Microsoft.NET 2012-12-29 19:07:50 ----D---- C:\Windows\winsxs 2012-12-29 18:54:20 ----D---- C:\Windows\SysWOW64 2012-12-29 18:54:20 ----D---- C:\Program Files (x86)\BandiMPEG1 2012-12-28 16:50:51 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI 2012-12-28 13:22:26 ----D---- C:\Windows 2012-12-28 13:22:24 ----D---- C:\Windows\SoftwareDistribution 2012-12-28 12:23:23 ----SD---- C:\Users\Olek\AppData\Roaming\Microsoft 2012-12-28 12:22:38 ----HD---- C:\ProgramData 2012-12-28 12:20:47 ----RSD---- C:\Windows\Fonts 2012-12-28 12:20:47 ----D---- C:\Program Files (x86)\Common Files 2012-12-27 23:07:10 ----SD---- C:\ProgramData\Microsoft 2012-12-27 23:07:10 ----RD---- C:\Program Files 2012-12-25 14:55:10 ----D---- C:\Users\Olek\AppData\Roaming\.minecraft 2012-12-20 19:37:37 ----D---- C:\Windows\pss 2012-12-17 16:27:53 ----D---- C:\Windows\rescache 2012-12-17 10:04:03 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2012-12-15 11:59:48 ----D---- C:\Windows\ShellNew 2012-12-15 11:59:40 ----D---- C:\Program Files (x86)\Microsoft.NET 2012-12-15 11:59:06 ----D---- C:\Windows\system 2012-12-13 20:03:04 ----D---- C:\Windows\SysWOW64\pl-PL 2012-12-13 20:03:03 ----D---- C:\Windows\SysWOW64\migration 2012-12-13 20:03:03 ----D---- C:\Windows\AppPatch 2012-12-13 20:03:03 ----D---- C:\Program Files (x86)\Internet Explorer 2012-12-11 14:57:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2012-12-08 22:07:51 ----D---- C:\Program Files (x86)\Intel ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 BMLoad;Bytemobile Boot Time Load Driver; C:\Windows\system32\drivers\BMLoad.sys [2009-12-15 16512] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [] R1 tcpipBM;Bytemobile Kernel Network Provider; \??\C:\Windows\system32\drivers\tcpipBM.sys [2009-12-15 39552] R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [] R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [] R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [] R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [] R3 BCM43XX;Sterownik karty sieciowej Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [] R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [] R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 IntcDAud;Audio dla wyświetlaczy Intel(R); C:\Windows\system32\DRIVERS\IntcDAud.sys [] R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [] R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [] R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [] S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Users\Olek\Downloads\aida64extreme270\kerneld.x64 [] S3 ALSysIO;ALSysIO; \??\C:\Users\Olek\AppData\Local\Temp\ALSysIO64.sys [] S3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [] S3 btwaudio;Urz¹dzenie dŸwiêkowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [] S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [] S3 ST330;ST330; C:\Windows\system32\DRIVERS\st330.sys [] S3 STBUS;STBUS; C:\Windows\system32\DRIVERS\stbus.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [] S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [] S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [] S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [] S3 WinUsb;Sterownik WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] S3 zte_cdc_acm;ZTE All CDC-ACM driver; C:\Windows\system32\DRIVERS\zte_cdc_acm.sys [] S3 zte_cpo;ZTE All Install; C:\Windows\system32\DRIVERS\zte_cpo.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 aspnet_state;„Usługa stanu ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-02-26 89136] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400] S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2011-08-05 8277728] S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Program Files\Zune\ZuneWlanCfgSvc.exe [2011-08-05 467680] S4 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-12-10 953632] S4 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-22 277024] S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336] S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-23 325656] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-11-27 2253120] S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944] S4 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016] S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-23 2656280] -----------------EOF----------------- [/log]
Natsuki Kuga komentarz 5 stycznia 2013 komentarz 5 stycznia 2013 W logach brak śladu infekcji. Wykonaj pełne skanowanie [url=http://www.malwarebytes.org/][b]MBAMem[/b][/url] i pokaż raport.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.