pokus632 utworzono 22 stycznia 2013 utworzono 22 stycznia 2013 Witam Posiadam system Windows home premium 32x i antywirusa Norton. Gdy odpalę laptopa i podłącze go do internetu po ok 10min na ekran wyskakują kreski i laptop się zawiesza. Próbowałem skanować komputer antywirusem, ale ten potrzebuje aktualizacji co powoduje połączenie z internetom i zwieszenie laptopa. Nie wiem co mam robić proszę o pomoc
Natsuki Kuga komentarz 22 stycznia 2013 komentarz 22 stycznia 2013 Zapoznaj się z przyklejonymi i pokaż zestaw odpowiednich logów.
pokus632 komentarz 22 stycznia 2013 Autor komentarz 22 stycznia 2013 (edytowane) Jak pokazać zestaw logw?? Dobra sory już wiem Log: [spoiler]Logfile of random's system information tool 1.09 (written by random/random) Run by hp at 2013-01-22 14:07:16 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 98 GB (33%) free of 297 GB Total RAM: 3069 MB (54% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\AppleSoftwareUpdate.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForhp.job =========Mozilla firefox========= ProfilePath - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default prefs.js - "browser.startup.homepage" - "http://search.certified-toolbar.com?si=41460&home=true&tid=3220" prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, otis@digitalpersona.com:5.0.0.3790, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10, firebug@software.joehewitt.com:1.6.2, vshare@toolbar:1.0.2, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, cacaoweb@cacaoweb.org:1.0.17, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20" prefs.js - "keyword.URL" - "http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q=" prefs.js - "browser.startup.homepage" - "http://search.certified-toolbar.com?si=41460&home=true&tid=3220" prefs.js - "keyword.URL" - "http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q=" prefs.js - "browser.search.useDBForOrder" - false "{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "otis@digitalpersona.com"=C:\Program Files\DigitalPersona\Bin\FirefoxExt\ "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\IPSFFPlgn\ "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\coFFPlgn\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.5.502.146 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448] "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In "Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448] "Description"=6.0.12.448 "Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll C:\Program Files\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files\Mozilla Firefox\plugins\ npdeployJava1.dll C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\extensions\ 50f33bceb0eed@50f33bceb0f27.com cacaoweb@cacaoweb.org {20a82645-c095-46ed-80e3-08825760534b} {b8c34bad-92d0-480c-85cc-1a74f02bc0da} C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\searchplugins\ Web Search.xml WebSearch.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{562611BF-554D-C7EF-43BA-85EE2DD1CD7E}] SaveAs - C:\ProgramData\SaveAs\50f33bceb1080.dll [2013-01-13 118784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Norton Identity Protection - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll [2012-09-26 511968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Norton Vulnerability Protection - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL [2012-06-21 210400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a2b1552c-6264-4922-9c10-7476f942c3d1}] DownTango Launcher - C:\Users\hp\AppData\Roaming\DDownTango1aToolbar\DDownTango1aToolbar.dll [2012-12-23 1031752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll [2010-05-04 42080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll [2012-09-26 511968] {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-02-03 1185120] {872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll [2011-01-17 175912] {30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912] {98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928] {a2b1552c-6264-4922-9c10-7476f942c3d1} - DownTango Launcher - C:\Users\hp\AppData\Roaming\DDownTango1aToolbar\DDownTango1aToolbar.dll [2012-12-23 1031752] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2009-01-12 468264] "Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2008-08-08 524288] "UIExec"=C:\Program Files\Netia\Mobilny Internet\UIExec.exe [2009-08-11 132608] "Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072] "Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2012-02-02 96128] "MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "IPLA!"=C:\Program Files\ipla\ipla.exe [2012-11-23 20857328] "cacaoweb"=C:\Users\hp\AppData\Roaming\cacaoweb\cacaoweb.exe [2013-01-10 436224] "GG"=C:\Users\hp\AppData\Local\GG\Application\gghub.exe [2012-11-05 3377288] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] "Optimizer Pro"=C:\Program Files\Optimizer Pro\OptProLauncher.exe [2012-10-21 81952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\progra~1\saveas\sprote~1.dll c:\progra~1\justbr~1\sprote~1.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli DPPWDFLT [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "DisableStatusMessages"=0 "DisableTaskMgr"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 "NoDriveAutoRun"=0 "NofolderOptions"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.l3codecp"=l3codecp.acm "msacm.siren"=sirenacm.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "VIDC.FFDS"=ff_vfw.dll "vidc.XVID"=xvidvfw.dll "msacm.ac3filter"=ac3filter.acm "msacm.avis"=ff_acm.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "msacm.l3fhg"=mp3fhg.acm "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-01-22 14:07:17 ----D---- C:\Program Files\trend micro 2013-01-22 14:07:16 ----D---- C:\rsit 2013-01-22 13:50:22 ----D---- C:\Users\hp\AppData\Roaming\Optimizer Pro 2013-01-19 14:26:14 ----D---- C:\Windows\Minidump 2013-01-19 14:26:08 ----D---- C:\Windows\Prefetch 2013-01-19 14:26:01 ----ASH---- C:\hiberfil.sys 2013-01-13 23:40:57 ----A---- C:\Windows\Launcher.exe 2013-01-13 23:40:56 ----D---- C:\Users\hp\AppData\Roaming\DDownTango1aToolbar 2013-01-13 23:40:56 ----D---- C:\Program Files\DDownTango1aToolbar 2013-01-13 23:40:56 ----A---- C:\SetSearchAndHomepageInBrowserLog.txt 2013-01-13 23:40:55 ----D---- C:\Program Files\Protected Search 2013-01-13 23:40:37 ----D---- C:\Program Files\Red Sky 2013-01-13 23:36:33 ----D---- C:\ProgramData\Cloud Software LTD 2013-01-13 23:36:28 ----D---- C:\Program Files\JustBrowse 2013-01-13 23:36:08 ----D---- C:\Program Files\Optimizer Pro 2013-01-13 23:35:39 ----D---- C:\Program Files\SaveAs 2013-01-13 23:35:30 ----D---- C:\ProgramData\SaveAs 2013-01-13 23:35:00 ----D---- C:\ProgramData\InstallMate 2013-01-12 21:38:26 ----D---- C:\Program Files\Mozilla Firefox(9) 2013-01-12 21:38:26 ----D---- C:\Program Files\Mozilla Firefox 2013-01-09 16:05:28 ----A---- C:\Windows\system32\win32k.sys 2013-01-09 16:05:08 ----A---- C:\Windows\system32\ncrypt.dll 2013-01-09 16:05:07 ----A---- C:\Windows\system32\shlwapi.dll 2013-01-09 16:04:12 ----A---- C:\Windows\system32\msxml6.dll ======List of files/folders modified in the last 1 month====== 2013-01-22 14:07:17 ----RD---- C:\Program Files 2013-01-22 14:07:08 ----D---- C:\Windows\Temp 2013-01-22 14:07:07 ----AD---- C:\ProgramData\Temp 2013-01-22 13:36:17 ----D---- C:\Windows\System32 2013-01-22 13:36:17 ----D---- C:\Windows\inf 2013-01-22 13:36:17 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-01-22 13:32:56 ----A---- C:\Windows\ntbtlog.txt 2013-01-22 13:32:12 ----D---- C:\Program Files\Przyspiesz Komputer 2013-01-22 13:27:46 ----A---- C:\ProgramData\hpqp.ini 2013-01-22 13:27:42 ----D---- C:\Users\hp\AppData\Roaming\GG 2013-01-22 13:27:32 ----D---- C:\Users\hp\AppData\Roaming\ipla 2013-01-22 10:35:57 ----AD---- C:\Windows 2013-01-22 10:33:31 ----D---- C:\Windows\system32\config 2013-01-22 10:33:22 ----SD---- C:\Windows\Downloaded Program Files 2013-01-22 10:33:22 ----D---- C:\Windows\Tasks 2013-01-22 10:33:22 ----D---- C:\Windows\system32\Tasks 2013-01-22 10:33:22 ----D---- C:\Windows\system32\spool 2013-01-22 10:33:22 ----D---- C:\Windows\system32\Msdtc 2013-01-22 10:33:22 ----D---- C:\Windows\system32\CodeIntegrity 2013-01-22 10:33:22 ----D---- C:\Windows\system32\catroot2 2013-01-22 10:33:18 ----HD---- C:\ProgramData 2013-01-22 10:33:18 ----D---- C:\Program Files\Mozilla Maintenance Service 2013-01-22 10:33:14 ----D---- C:\Windows\system32\wbem 2013-01-22 10:33:14 ----D---- C:\Windows\registration 2013-01-19 14:35:14 ----SHD---- C:\System Volume Information 2013-01-17 22:16:31 ----A---- C:\ProgramData\hpqp.txt 2013-01-16 19:12:38 ----D---- C:\Users\hp\AppData\Roaming\cacaoweb 2013-01-13 07:08:11 ----D---- C:\Users\hp\AppData\Roaming\Skype 2013-01-11 21:09:56 ----SHD---- C:\Windows\Installer 2013-01-09 19:55:12 ----D---- C:\Windows\Microsoft.NET 2013-01-09 19:55:10 ----RSD---- C:\Windows\assembly 2013-01-09 16:31:45 ----D---- C:\Windows\winsxs 2013-01-09 16:30:23 ----D---- C:\ProgramData\Microsoft Help 2013-01-09 16:08:51 ----A---- C:\Windows\system32\mrt.exe 2013-01-09 16:04:53 ----D---- C:\Windows\system32\catroot 2013-01-09 01:06:52 ----A---- C:\Windows\system32\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-04-14 170000] R0 Amddfltr;Amd Disk Lower Filter Driver; C:\Windows\system32\DRIVERS\Amddfltr.sys [2008-01-07 15416] R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-29 7680] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2008-03-27 24424] R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] R0 SMR311;Symantec SMR Utility Service 3.1.1; C:\Windows\System32\drivers\SMR311.SYS [2012-10-18 97440] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1309000.009\SYMDS.SYS [2012-03-29 340088] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1309000.009\SYMEFA.SYS [2012-05-22 924320] R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\BASHDefs\20130107.001\BHDrvx86.sys [2012-10-24 995488] R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NIS\1309000.009\ccSetx86.sys [2012-06-07 132768] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2012-08-12 376480] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232] R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\IPSDefs\20130113.001\IDSvix86.sys [2012-09-06 386720] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1309000.009\SRTSPX.SYS [2012-07-06 32928] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1309000.009\Ironx86.SYS [2012-04-18 149624] R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1309000.009\SYMTDIV.SYS [2012-04-18 345208] R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};Power Control [2010/06/09 13:04:42]; \??\C:\Program Files\HP\QuickPlay\000.fcl [2009-01-12 87536] R2 RMCAST;Sterownik protokołu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664] R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 5120] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064] R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736] R3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2012-08-13 141944] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936] R3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1309000.009\SRTSP.SYS [2012-07-06 574112] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [] S3 ALSysIO;ALSysIO; \??\C:\Users\hp\AppData\Local\Temp\ALSysIO.sys [] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 BthEnum;Usługa wyliczania Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208] S3 btwaudio;Urz¹dzenie dŸwiêkowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424] S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 106656] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272] S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-01 102912] S3 iscFlash;iscFlash; \??\C:\SwSetup\SP46501\iscflash.sys [2009-06-16 13312] S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-04-22 9728] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20130116.018\NAVENG.SYS [] S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20130116.018\NAVEX15.SYS [] S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-05-02 17536] S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064] S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-02-02 104960] S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2009-02-02 105344] S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2009-02-02 104960] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [2008-02-12 73728] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-01 322624] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728] R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe [2012-06-16 138272] R2 PCSUService;PC Speed Up Service; C:\Program Files\Przyspiesz Komputer\PCSUService.exe [2012-01-20 276704] R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2009-10-14 583640] R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2009-01-12 292216] R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2009-01-12 116080] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273] R2 UI Assistant Service;UI Assistant Service; C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe [2009-08-11 241664] R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832] S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-14 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400] S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-14 136176] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-12 115760] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF----------------- [/spoiler] OTL: [spoiler]OTL logfile created on: 2013-01-22 13:39:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hp\Desktop\Nowy folder Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 60,98% Memory free 6,21 Gb Paging File | 5,08 Gb Available in Paging File | 81,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 289,95 Gb Total Space | 95,94 Gb Free Space | 33,09% Space Free | Partition Type: NTFS Drive D: | 8,14 Gb Total Space | 1,54 Gb Free Space | 18,97% Space Free | Partition Type: NTFS Computer Name: HP-PC | User Name: hp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days ========== Processes (All) ========== PRC - [2013-01-22 10:23:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\Nowy folder\OTL.exe PRC - [2013-01-10 15:45:10 | 000,436,224 | ---- | M] () -- C:\Users\hp\AppData\Roaming\cacaoweb\cacaoweb.exe PRC - [2012-12-20 11:32:18 | 000,056,904 | ---- | M] (Simplygen) -- C:\Program Files\Protected Search\ProtectedSearch.exe PRC - [2012-11-27 19:56:22 | 000,153,736 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Local\GG\Application\ggapp.exe PRC - [2012-11-23 12:37:00 | 020,857,328 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ipla.exe PRC - [2012-11-05 10:16:08 | 003,377,288 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Local\GG\Application\gghub.exe PRC - [2012-10-21 09:46:36 | 000,197,152 | ---- | M] (PC Utilities Pro) -- C:\Program Files\Optimizer Pro\OptProSmartScan.exe PRC - [2012-10-21 09:46:16 | 000,218,144 | ---- | M] (PC Utilities Pro) -- C:\Program Files\Optimizer Pro\OptProReminder.exe PRC - [2012-06-16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe PRC - [2012-02-10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE PRC - [2012-02-10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE PRC - [2012-02-02 15:14:56 | 000,096,128 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\olycamdetect.exe PRC - [2012-01-20 10:51:30 | 000,276,704 | ---- | M] () -- C:\Program Files\Przyspiesz Komputer\PCSUService.exe PRC - [2011-11-16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-09-21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010-09-21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2009-12-01 12:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe PRC - [2009-10-14 15:42:38 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe PRC - [2009-08-11 17:53:08 | 000,241,664 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe PRC - [2009-08-11 17:52:46 | 000,132,608 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe PRC - [2009-04-11 07:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 07:27:59 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe PRC - [2009-04-11 07:27:58 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-01-12 15:50:42 | 000,292,216 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe PRC - [2009-01-12 15:50:42 | 000,116,080 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe PRC - [2009-01-12 15:50:08 | 000,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe PRC - [2008-08-08 06:03:41 | 000,524,288 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe PRC - [2008-06-27 19:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe PRC - [2008-04-15 12:40:10 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe PRC - [2008-04-11 08:04:54 | 000,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe PRC - [2008-03-28 10:17:20 | 000,667,648 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe PRC - [2008-03-26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe PRC - [2008-03-26 14:26:56 | 000,341,328 | ---- | M] () -- C:\Windows\SMINST\BLService.exe PRC - [2008-03-18 15:24:58 | 000,019,456 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe PRC - [2008-02-26 13:13:22 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-02-12 06:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe PRC - [2008-01-25 17:05:30 | 000,148,832 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2008-01-21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe PRC - [2008-01-21 03:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe PRC - [2008-01-21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:23:32 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe PRC - [2008-01-21 03:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe PRC - [2007-11-20 06:44:58 | 000,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe PRC - [2007-09-26 05:34:40 | 000,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe PRC - [2007-05-31 08:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe PRC - [2007-01-09 10:25:00 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2006-11-02 10:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dllhost.exe ========== Modules (All) ========== MOD - [2013-01-22 10:23:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\Nowy folder\OTL.exe MOD - [2013-01-10 15:45:10 | 000,436,224 | ---- | M] () -- C:\Users\hp\AppData\Roaming\cacaoweb\cacaoweb.exe MOD - [2013-01-09 18:46:34 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll MOD - [2013-01-09 18:29:32 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll MOD - [2013-01-09 18:29:22 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll MOD - [2013-01-09 18:28:11 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll MOD - [2013-01-09 18:27:58 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll MOD - [2013-01-09 00:51:44 | 014,461,448 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\Flash32_11_5_502_146.ocx MOD - [2012-12-20 11:32:18 | 000,056,904 | ---- | M] (Simplygen) -- C:\Program Files\Protected Search\ProtectedSearch.exe MOD - [2012-11-27 19:56:24 | 015,241,216 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\xul.dll MOD - [2012-11-27 19:56:23 | 001,945,600 | ---- | M] () -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\mozjs.dll MOD - [2012-11-27 19:56:23 | 000,638,976 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\nss3.dll MOD - [2012-11-27 19:56:23 | 000,540,672 | ---- | M] (sqlite.org) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\mozsqlite3.dll MOD - [2012-11-27 19:56:23 | 000,364,544 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\nssckbi.dll MOD - [2012-11-27 19:56:23 | 000,167,936 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\nspr4.dll MOD - [2012-11-27 19:56:23 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\softokn3.dll MOD - [2012-11-27 19:56:23 | 000,151,552 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\ssl3.dll MOD - [2012-11-27 19:56:23 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\nssdbm3.dll MOD - [2012-11-27 19:56:23 | 000,098,304 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\smime3.dll MOD - [2012-11-27 19:56:23 | 000,098,304 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\nssutil3.dll MOD - [2012-11-27 19:56:23 | 000,014,848 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\plc4.dll MOD - [2012-11-27 19:56:23 | 000,012,288 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\xpcom.dll MOD - [2012-11-27 19:56:23 | 000,011,776 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\plds4.dll MOD - [2012-11-27 19:56:22 | 000,589,824 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\gkmedias.dll MOD - [2012-11-27 19:56:22 | 000,262,144 | ---- | M] (Mozilla Foundation) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\freebl3.dll MOD - [2012-11-27 19:56:22 | 000,153,736 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Local\GG\Application\ggapp.exe MOD - [2012-11-27 19:56:22 | 000,026,112 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\mozglue.dll MOD - [2012-11-27 19:56:22 | 000,009,216 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\mozalloc.dll MOD - [2012-11-23 12:37:06 | 004,035,472 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ZGUI.dll MOD - [2012-11-23 12:37:04 | 000,392,592 | ---- | M] () -- C:\Program Files\ipla\jabberoo.dll MOD - [2012-11-23 12:37:04 | 000,068,496 | ---- | M] () -- C:\Program Files\ipla\ziplib.dll MOD - [2012-11-23 12:37:02 | 000,243,600 | ---- | M] (The cURL library, http://curl.haxx.se/) -- C:\Program Files\ipla\curllib.dll MOD - [2012-11-23 12:37:00 | 020,857,328 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ipla.exe MOD - [2012-11-23 12:37:00 | 001,001,872 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\CommonLib.dll MOD - [2012-11-23 12:25:52 | 000,294,400 | ---- | M] () -- C:\Program Files\ipla\MediaFileScanner.dll MOD - [2012-11-23 12:23:42 | 002,268,160 | ---- | M] (http://mediainfo.sourceforge.net) -- C:\Program Files\ipla\MediaInfoStatic.dll MOD - [2012-11-22 04:54:36 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2012-11-20 05:22:50 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll MOD - [2012-11-16 10:45:14 | 001,365,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2012-11-14 03:09:22 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2012-11-05 10:16:08 | 003,377,288 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Local\GG\Application\gghub.exe MOD - [2012-11-02 11:19:34 | 001,400,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2012-10-21 09:46:36 | 000,197,152 | ---- | M] (PC Utilities Pro) -- C:\Program Files\Optimizer Pro\OptProSmartScan.exe MOD - [2012-10-21 09:46:16 | 000,218,144 | ---- | M] (PC Utilities Pro) -- C:\Program Files\Optimizer Pro\OptProReminder.exe MOD - [2012-10-19 10:44:12 | 001,216,512 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\hp\AppData\Local\GG\Application\xulrunner\LIBEAY32.dll MOD - [2012-10-13 11:38:14 | 000,856,064 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll MOD - [2012-10-10 14:00:40 | 000,965,080 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\MUI\19.9.0.9\15\01\cltres.loc MOD - [2012-10-05 11:58:55 | 000,364,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MOD - [2012-09-28 17:11:03 | 000,892,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2012-09-26 08:04:52 | 000,731,544 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\uialert.dll MOD - [2012-09-26 08:04:47 | 000,159,128 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\qsplugin.dll MOD - [2012-09-26 08:04:43 | 000,419,224 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\npctray.dll MOD - [2012-09-26 08:04:42 | 000,698,776 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\npcstats.dll MOD - [2012-09-26 08:04:38 | 000,114,072 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\navshext.dll MOD - [2012-09-26 08:04:36 | 000,409,496 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\nahelper.dll MOD - [2012-09-26 08:04:35 | 000,297,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\mcstatus.dll MOD - [2012-09-26 08:04:32 | 001,222,040 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\isdatapr.dll MOD - [2012-09-26 08:04:25 | 000,370,072 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\fwsesal.dll MOD - [2012-09-26 08:04:21 | 000,317,336 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\avscntsk.dll MOD - [2012-09-26 08:04:19 | 000,418,712 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\avpapp32.dll MOD - [2012-09-26 08:04:17 | 000,472,984 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\avifc.dll MOD - [2012-09-26 08:04:15 | 000,413,080 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\asoehook.dll MOD - [2012-09-26 08:04:14 | 000,430,488 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ashelper.dll MOD - [2012-09-26 08:04:13 | 000,280,472 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\appmgr32.dll MOD - [2012-09-26 04:11:00 | 000,881,120 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coshdobj.dll MOD - [2012-09-26 04:10:58 | 001,354,208 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coactmgr.dll MOD - [2012-09-26 04:10:38 | 000,718,304 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\codatapr.dll MOD - [2012-09-25 17:19:41 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll MOD - [2012-09-04 19:09:51 | 000,790,512 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\cltlms.dll MOD - [2012-09-04 19:09:40 | 001,556,464 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\cltaldis.dll MOD - [2012-09-04 19:09:39 | 000,365,040 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\cltpe.dll MOD - [2012-08-31 12:01:15 | 005,915,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MOD - [2012-08-24 16:53:29 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2012-07-06 03:17:58 | 000,419,808 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\srtsp32.dll MOD - [2012-06-29 17:01:42 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2012-06-16 03:31:03 | 000,678,352 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccl110u.dll MOD - [2012-06-16 03:24:32 | 000,292,816 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccgevt.dll MOD - [2012-06-16 03:24:31 | 000,396,752 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccjobmgr.dll MOD - [2012-06-16 03:24:29 | 000,161,232 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccipc.dll MOD - [2012-06-16 03:24:20 | 000,085,456 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccvrtrst.dll MOD - [2012-06-16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe MOD - [2012-06-16 03:24:18 | 000,146,896 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvc.dll MOD - [2012-06-16 03:24:17 | 000,323,024 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccset.dll MOD - [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2012-06-05 17:47:27 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll MOD - [2012-06-02 01:04:25 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2012-06-02 01:02:32 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2012-06-02 01:02:32 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll MOD - [2012-05-25 22:10:58 | 000,052,120 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\userctxt.dll MOD - [2012-05-25 22:10:50 | 000,754,072 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\datastor.dll MOD - [2012-05-25 22:10:48 | 000,752,024 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\comm.dll MOD - [2012-05-22 02:37:12 | 000,085,968 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\efacli.dll MOD - [2012-04-04 15:46:34 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012-04-04 15:46:28 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012-04-04 15:46:28 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012-03-09 13:38:04 | 000,169,912 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\sdkcmn.dll MOD - [2012-03-01 15:46:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2012-03-01 15:46:01 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2012-02-29 16:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2012-02-29 15:08:47 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll MOD - [2012-02-29 14:44:50 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll MOD - [2012-02-29 14:41:40 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll MOD - [2012-02-03 16:11:07 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll MOD - [2012-02-02 15:16:30 | 000,145,280 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\subsys\OlyLib\OlyBar.dll MOD - [2012-02-02 15:16:30 | 000,116,608 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\subsys\OlyLib\OlyGin.dll MOD - [2012-02-02 15:14:56 | 000,096,128 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\olycamdetect.exe MOD - [2011-12-14 17:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2011-12-12 06:38:42 | 002,760,120 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\symhtml.dll MOD - [2011-11-18 21:23:34 | 001,205,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2011-11-16 17:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2011-11-16 17:23:08 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2011-10-25 16:58:55 | 001,314,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll MOD - [2011-10-14 17:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2011-08-25 17:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-08-25 17:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011-07-13 21:34:36 | 001,117,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Filters\offfiltx.dll MOD - [2011-06-22 17:23:52 | 001,217,024 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\ipla\libeay32.dll MOD - [2011-06-22 17:23:52 | 000,237,056 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\ipla\ssleay32.dll MOD - [2011-06-17 00:08:56 | 001,101,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll MOD - [2011-06-17 00:08:56 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll MOD - [2011-06-17 00:08:50 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-17 00:08:50 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-06-17 00:08:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll MOD - [2011-06-15 17:12:11 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2011-05-17 08:27:52 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MOD - [2011-05-02 18:16:14 | 000,739,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll MOD - [2011-04-28 15:14:56 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2011-03-29 09:00:00 | 003,663,872 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax MOD - [2011-03-29 09:00:00 | 001,003,520 | ---- | M] (Gabest) -- C:\Program Files\K-Lite Codec Pack\Filters\vsfilter.dll MOD - [2011-03-10 18:03:51 | 001,162,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll MOD - [2011-03-10 18:03:51 | 001,136,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll MOD - [2011-03-03 16:40:05 | 000,542,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2011-03-03 11:40:46 | 000,552,960 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax MOD - [2011-03-03 11:40:08 | 000,150,528 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkx.dll MOD - [2011-03-03 11:38:54 | 000,154,112 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\ts.dll MOD - [2011-03-03 11:35:32 | 000,080,384 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkzlib.dll MOD - [2011-03-03 11:35:26 | 000,024,576 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkunicode.dll MOD - [2011-03-02 16:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011-01-20 17:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2011-01-20 17:08:06 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll MOD - [2011-01-20 17:08:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll MOD - [2011-01-20 17:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2011-01-20 17:07:16 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2011-01-20 17:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2011-01-17 15:54:02 | 000,175,912 | ---- | M] (Conduit Ltd.) -- C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll MOD - [2010-12-28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll MOD - [2010-11-04 19:55:38 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe MOD - [2010-09-23 01:10:22 | 000,039,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Mail\wlmimefilter32.dll MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-08-31 16:43:52 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll MOD - [2010-08-26 17:37:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-06-18 18:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010-05-04 20:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-03-15 10:28:22 | 000,142,336 | ---- | M] (Alexander Roshal) -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009-12-04 19:28:51 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll MOD - [2009-11-08 09:55:32 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll MOD - [2009-10-23 18:10:19 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2009-10-01 02:02:04 | 000,334,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2009-10-01 02:02:02 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2009-10-01 02:01:59 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-09-25 03:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2009-09-10 17:48:01 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll MOD - [2009-09-04 12:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2009-08-11 17:52:46 | 000,132,608 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-11 20:01:41 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-06-15 15:51:38 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll MOD - [2009-06-10 12:41:46 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL MOD - [2009-05-08 23:42:50 | 000,629,760 | ---- | M] (DivX, Inc.) -- C:\Program Files\VistaCodecPack\filters\DivXDecH264.ax MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 07:28:28 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\zipfldr.dll MOD - [2009-04-11 07:28:26 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll MOD - [2009-04-11 07:28:26 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll MOD - [2009-04-11 07:28:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 07:28:25 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-04-11 07:28:25 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 07:28:25 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpband.dll MOD - [2009-04-11 07:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll MOD - [2009-04-11 07:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll MOD - [2009-04-11 07:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 07:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-04-11 07:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 07:28:24 | 001,576,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll MOD - [2009-04-11 07:28:24 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll MOD - [2009-04-11 07:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-04-11 07:28:24 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2009-04-11 07:28:24 | 000,203,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 07:28:23 | 003,174,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2009-04-11 07:28:23 | 001,823,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2009-04-11 07:28:23 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\onex.dll MOD - [2009-04-11 07:28:23 | 001,381,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Query.dll MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 07:28:23 | 000,505,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll MOD - [2009-04-11 07:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-04-11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll MOD - [2009-04-11 07:28:23 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll MOD - [2009-04-11 07:28:23 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 07:28:23 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 07:28:22 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll MOD - [2009-04-11 07:28:22 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll MOD - [2009-04-11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2009-04-11 07:28:22 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2009-04-11 07:28:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-04-11 07:28:22 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll MOD - [2009-04-11 07:28:21 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2009-04-11 07:28:21 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll MOD - [2009-04-11 07:28:20 | 002,012,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 07:28:20 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2009-04-11 07:28:20 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2009-04-11 07:28:20 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll MOD - [2009-04-11 07:28:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 07:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 07:28:20 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-04-11 07:28:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll MOD - [2009-04-11 07:28:19 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2009-04-11 07:28:19 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 07:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-04-11 07:28:19 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll MOD - [2009-04-11 07:28:19 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll MOD - [2009-04-11 07:28:19 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll MOD - [2009-04-11 07:28:19 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-04-11 07:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-04-11 07:28:19 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll MOD - [2009-04-11 07:28:19 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll MOD - [2009-04-11 07:28:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2009-04-11 07:28:18 | 001,985,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2009-04-11 07:28:18 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll MOD - [2009-04-11 07:28:18 | 001,324,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll MOD - [2009-04-11 07:28:18 | 001,209,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll MOD - [2009-04-11 07:28:18 | 001,112,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll MOD - [2009-04-11 07:28:18 | 000,971,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 07:28:18 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll MOD - [2009-04-11 07:28:18 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll MOD - [2009-04-11 07:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-04-11 07:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-04-11 07:28:18 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 07:28:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll MOD - [2009-04-11 07:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe MOD - [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe MOD - [2009-04-11 07:27:58 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe MOD - [2009-04-11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-04-11 07:27:12 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2009-04-11 07:27:12 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2009-04-11 07:27:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-03-30 05:42:17 | 000,115,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll MOD - [2009-03-30 05:42:14 | 000,074,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll MOD - [2009-02-26 16:45:38 | 000,043,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL MOD - [2009-02-26 14:24:50 | 000,071,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL MOD - [2009-01-12 15:50:46 | 004,736,360 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll MOD - [2009-01-12 15:50:42 | 000,271,760 | ---- | M] (Cyberlink) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapX.dll MOD - [2009-01-12 15:50:42 | 000,259,480 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll MOD - [2009-01-12 15:50:42 | 000,120,216 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll MOD - [2009-01-12 15:50:42 | 000,038,184 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll MOD - [2009-01-12 15:50:40 | 000,345,384 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll MOD - [2009-01-12 15:50:38 | 000,062,832 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuMixer.dll MOD - [2009-01-12 15:50:36 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\HP\QuickPlay\MFC71.dll MOD - [2009-01-12 15:50:36 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\HP\QuickPlay\msvcp71.dll MOD - [2009-01-12 15:50:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\HP\QuickPlay\msvcr71.dll MOD - [2009-01-12 15:50:08 | 000,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe MOD - [2009-01-12 15:50:06 | 000,066,856 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Helper.dll MOD - [2009-01-12 15:49:44 | 000,075,048 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Kernel\common\CLRCEngine3.dll MOD - [2009-01-12 15:49:44 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll MOD - [2008-08-08 06:03:41 | 000,524,288 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe MOD - [2008-07-27 19:03:16 | 000,037,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll MOD - [2008-07-27 19:03:11 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll MOD - [2008-04-11 08:04:54 | 000,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe MOD - [2008-03-28 10:19:10 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008-03-28 10:18:58 | 000,315,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll MOD - [2008-03-28 10:05:14 | 003,074,560 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll MOD - [2008-03-28 09:51:30 | 004,088,320 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll MOD - [2008-02-04 12:29:02 | 000,688,128 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll MOD - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe MOD - [2008-01-21 03:25:33 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnssci.dll MOD - [2008-01-21 03:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:25:26 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2008-01-21 03:25:18 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll MOD - [2008-01-21 03:25:17 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpshell.dll MOD - [2008-01-21 03:25:15 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL MOD - [2008-01-21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe MOD - [2008-01-21 03:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe MOD - [2008-01-21 03:25:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll MOD - [2008-01-21 03:25:01 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2008-01-21 03:25:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2008-01-21 03:24:57 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll MOD - [2008-01-21 03:24:56 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2008-01-21 03:24:56 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2008-01-21 03:24:54 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll MOD - [2008-01-21 03:24:54 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2008-01-21 03:24:54 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll MOD - [2008-01-21 03:24:54 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll MOD - [2008-01-21 03:24:54 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2008-01-21 03:24:53 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2008-01-21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:24:48 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2008-01-21 03:24:47 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll MOD - [2008-01-21 03:24:47 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2008-01-21 03:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:24:46 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll MOD - [2008-01-21 03:24:46 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2008-01-21 03:24:45 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll MOD - [2008-01-21 03:24:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2008-01-21 03:24:41 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll MOD - [2008-01-21 03:24:41 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll MOD - [2008-01-21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:24:37 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2008-01-21 03:24:29 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2008-01-21 03:24:29 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2008-01-21 03:24:28 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll MOD - [2008-01-21 03:24:28 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll MOD - [2008-01-21 03:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:24:25 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2008-01-21 03:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:24:15 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll MOD - [2008-01-21 03:24:13 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2008-01-21 03:24:12 | 000,816,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll MOD - [2008-01-21 03:24:11 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2008-01-21 03:24:07 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll MOD - [2008-01-21 03:24:06 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll MOD - [2008-01-21 03:24:06 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2008-01-21 03:24:04 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2008-01-21 03:24:04 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2008-01-21 03:23:58 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll MOD - [2008-01-21 03:23:54 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll MOD - [2008-01-21 03:23:53 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll MOD - [2008-01-21 03:23:53 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll MOD - [2008-01-21 03:23:50 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll MOD - [2008-01-21 03:23:50 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2008-01-21 03:23:45 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2008-01-21 03:23:44 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2008-01-21 03:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2008-01-21 03:23:39 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll MOD - [2008-01-21 03:23:39 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\syncui.dll MOD - [2008-01-21 03:23:32 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe MOD - [2008-01-16 16:56:02 | 000,647,168 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtwNamespaceExt.dll MOD - [2008-01-16 16:55:16 | 000,368,640 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtwNeLib.dll MOD - [2008-01-16 16:31:26 | 000,180,224 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\btwpimif.dll MOD - [2008-01-16 16:29:58 | 000,233,472 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\btosif.dll MOD - [2008-01-16 16:19:58 | 000,184,320 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BTNCopy.dll MOD - [2008-01-16 16:15:32 | 000,602,112 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\btwapi.dll MOD - [2008-01-16 16:10:52 | 005,271,552 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\btrez.dll MOD - [2007-11-20 07:45:22 | 000,003,584 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamplk.dll MOD - [2007-11-20 06:44:58 | 000,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe MOD - [2007-09-26 05:34:40 | 000,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe MOD - [2007-05-31 08:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe MOD - [2007-05-31 08:21:18 | 000,223,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rapistub.dll MOD - [2007-05-31 08:21:04 | 000,105,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rapi.dll MOD - [2007-05-31 08:21:00 | 000,075,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ceutil.dll MOD - [2007-05-31 08:20:56 | 000,058,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdsyncman.dll MOD - [2007-05-31 08:20:28 | 000,024,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wcescommproxy.dll MOD - [2007-05-31 08:20:24 | 000,024,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rapiproxystub.dll MOD - [2007-05-11 12:55:40 | 000,098,816 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\BIB.dll MOD - [2007-05-11 12:49:16 | 013,215,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.dll MOD - [2007-05-11 12:48:40 | 002,281,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\CoolType.dll MOD - [2007-05-11 12:47:18 | 000,674,816 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\ACE.dll MOD - [2007-05-11 12:46:56 | 004,905,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AGM.dll MOD - [2007-05-11 10:51:42 | 000,152,064 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\BIBUtils.dll MOD - [2007-04-16 07:56:10 | 000,389,120 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\AdobeXMP.dll MOD - [2007-01-23 20:39:44 | 000,443,904 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\JP2KLib.dll MOD - [2006-11-02 13:35:33 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehProxy.dll MOD - [2006-11-02 13:35:21 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\wlsrvc.dll MOD - [2006-11-02 13:34:50 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2006-11-02 13:34:48 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2006-11-02 13:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2006-11-02 13:34:30 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dinput.dll MOD - [2006-11-02 10:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2006-11-02 10:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll MOD - [2006-11-02 10:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll MOD - [2006-11-02 10:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2006-11-02 10:46:13 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shimeng.dll MOD - [2006-11-02 10:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll MOD - [2006-11-02 10:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll MOD - [2006-11-02 10:46:12 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pautoenr.dll MOD - [2006-11-02 10:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2006-11-02 10:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2006-11-02 10:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2006-11-02 10:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2006-11-02 10:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2006-11-02 10:46:05 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2006-11-02 10:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2006-11-02 10:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll MOD - [2006-11-02 10:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll MOD - [2006-11-02 10:46:02 | 000,737,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2006-11-02 10:42:17 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbcint.dll MOD - [2006-11-02 09:48:55 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll MOD - [2006-11-02 09:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2006-10-23 10:01:42 | 000,108,144 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRdIF.dll MOD - [2005-07-22 08:21:46 | 000,032,768 | ---- | M] () -- C:\Program Files\MP3 Player Utilities 4.10\AMVConverter\AmvTransform.dll MOD - [2003-12-26 10:26:20 | 000,137,728 | ---- | M] () -- C:\Program Files\Kongsoft\Easy CD Ripper\MenuHandler.dll MOD - [2003-02-21 11:42:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll ========== Services (SafeList) ========== SRV - [2013-01-12 21:38:39 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-01-09 01:06:57 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-06-16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe -- (NIS) SRV - [2012-02-10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate) SRV - [2012-02-10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc) SRV - [2012-01-20 10:51:30 | 000,276,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Przyspiesz Komputer\PCSUService.exe -- (PCSUService) SRV - [2009-12-01 12:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009-10-14 15:42:38 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2009-08-11 17:53:08 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe -- (UI Assistant Service) SRV - [2008-06-27 19:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe -- (STacSV) SRV - [2008-03-26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService) SRV - [2008-03-26 14:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008-02-12 06:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe -- (AESTFilters) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-05-31 08:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 08:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20130116.018\NAVEX15.SYS -- (NAVEX15) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20130116.018\NAVENG.SYS -- (NAVENG) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\hp\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO) DRV - [2012-10-24 00:34:24 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\BASHDefs\20130107.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2012-10-18 18:24:06 | 000,097,440 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SMR311.SYS -- (SMR311) DRV - [2012-09-06 03:54:30 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\IPSDefs\20130113.001\IDSvix86.sys -- (IDSVix86) DRV - [2012-08-13 19:30:43 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2012-08-12 00:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2012-08-09 22:01:55 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012-07-06 03:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\System32\drivers\NIS\1309000.009\srtsp.sys -- (SRTSP) DRV - [2012-07-06 03:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1309000.009\srtspx.sys -- (SRTSPX) DRV - [2012-06-07 05:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1309000.009\ccsetx86.sys -- (ccSet_NIS) DRV - [2012-05-22 02:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1309000.009\symefa.sys -- (SymEFA) DRV - [2012-04-18 03:13:32 | 000,345,208 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1309000.009\symtdiv.sys -- (SYMTDIv) DRV - [2012-04-18 02:42:14 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1309000.009\ironx86.sys -- (SymIRON) DRV - [2012-03-29 07:28:25 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1309000.009\symds.sys -- (SymDS) DRV - [2009-12-01 09:35:54 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-06-16 12:00:16 | 000,013,312 | ---- | M] (Insyde Software) [Kernel | On_Demand | Stopped] -- C:\SWSetup\SP46501\iscflash.sys -- (iscFlash) DRV - [2009-04-22 15:35:04 | 000,009,728 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2009-04-11 05:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) DRV - [2009-02-02 17:14:20 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009-02-02 17:14:20 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009-02-02 17:14:20 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009-01-12 15:50:04 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/06/09 13:04:42] [Kernel | Auto | Running] -- C:\Program Files\HP\QuickPlay\000.fcl -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) DRV - [2008-06-27 19:44:18 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008-05-02 09:58:28 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2008-05-02 09:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2008-05-02 09:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2008-05-02 09:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-04-27 10:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008-04-14 23:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s) DRV - [2008-04-14 20:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-04-01 12:14:00 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008-03-28 12:24:16 | 003,544,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008-03-27 11:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV - [2008-03-27 11:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008-03-26 17:28:08 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x) DRV - [2008-01-23 22:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008-01-07 21:42:04 | 000,015,416 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Amddfltr.sys -- (Amddfltr) DRV - [2007-08-13 03:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT) DRV - [2007-07-11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007-06-18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2006-11-02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006-10-29 21:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3220 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3220 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3220 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3220 IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3220&q={searchTerms} IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.just-browse.info/?l=1&q={searchTerms} IE - HKLM\..\SearchScopes\{E673692D-D93A-4A1E-917C-CD4A05605833}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKU\.DEFAULT\..\SearchScopes\{9B3712E9-B972-413D-A123-3801D4192562}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKU\S-1-5-18\..\SearchScopes\{9B3712E9-B972-413D-A123-3801D4192562}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3220 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3220 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3220 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3220 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=110000&tt=090212_noffx&babsrc=SP_ss&mntrId=2be0296600000000000000226920baa2 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://websearch.just-browse.info/?l=1&q={searchTerms} IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3220&q={searchTerms} IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{E673692D-D93A-4A1E-917C-CD4A05605833}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.defaulturl: "http://websearch.just-browse.info/?l=1&q=" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.startup.homepage: "http://search.certified-toolbar.com?si=41460&home=true&tid=3220" FF - prefs.js..extensions.enabledAddons: cacaoweb%40cacaoweb.org:1.0.30 FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.7 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0 FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.3790 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.17 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013 FF - prefs.js..keyword.URL: "http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.startup.homepage: "http://search.certified-toolbar.com?si=41460&home=true&tid=3220" FF - prefs.js..keyword.URL: "http://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q=" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.useDBForOrder: false FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010-06-24 13:06:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\IPSFFPlgn\ [2013-01-22 10:33:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\coFFPlgn\ [2013-01-22 13:25:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-22 10:33:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-01-22 10:33:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\firefoxext [2010-06-24 13:06:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-22 10:33:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-01-22 10:33:18 | 000,000,000 | ---D | M] [2010-10-12 17:11:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Extensions [2013-01-22 10:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\oeq2cna0.default\extensions [2010-10-16 21:58:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\oeq2cna0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-01-22 10:33:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\oeq2cna0.default\extensions\{b8c34bad-92d0-480c-85cc-1a74f02bc0da} [2013-01-22 10:33:22 | 000,000,000 | ---D | M] (SaveAs) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\oeq2cna0.default\extensions\50f33bceb0eed@50f33bceb0f27.com [2011-07-23 00:16:21 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\oeq2cna0.default\extensions\cacaoweb@cacaoweb.org [2012-12-20 00:06:35 | 002,151,598 | ---- | M] () (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\extensions\firebug@software.joehewitt.com.xpi [2012-08-25 21:53:38 | 000,341,143 | ---- | M] () (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2013-01-13 23:40:53 | 000,003,269 | ---- | M] () -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\searchplugins\Web Search.xml [2013-01-13 23:36:27 | 000,000,556 | ---- | M] () -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\searchplugins\WebSearch.xml [2013-01-22 10:32:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-01-22 10:33:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-12 21:38:39 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-02-17 09:58:32 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll ========== Chrome ========== CHR - homepage: http://websearch.just-browse.info/ CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidphlojnhblpolbjemjnpadploaalhl\1\ O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (SaveAs) - {562611BF-554D-C7EF-43BA-85EE2DD1CD7E} - C:\ProgramData\SaveAs\50f33bceb1080.dll () O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (DownTango Launcher) - {a2b1552c-6264-4922-9c10-7476f942c3d1} - C:\Users\hp\AppData\Roaming\DDownTango1aToolbar\DDownTango1aToolbar.dll (Simplytech Ltd.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (DownTango Launcher) - {a2b1552c-6264-4922-9c10-7476f942c3d1} - C:\Users\hp\AppData\Roaming\DDownTango1aToolbar\DDownTango1aToolbar.dll (Simplytech Ltd.) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [MDS_Menu] C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Olympus ib] C:\Program Files\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [UIExec] C:\Program Files\Netia\Mobilny Internet\UIExec.exe () O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-168299090-1096314759-280584690-1000..\Run: [cacaoweb] C:\Users\hp\AppData\Roaming\cacaoweb\cacaoweb.exe () O4 - HKU\S-1-5-21-168299090-1096314759-280584690-1000..\Run: [GG] C:\Users\hp\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) O4 - HKU\S-1-5-21-168299090-1096314759-280584690-1000..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-168299090-1096314759-280584690-1000..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro) O4 - HKU\.DEFAULT..\RunOnce: [] File not found O4 - HKU\S-1-5-18..\RunOnce: [] File not found O4 - HKU\S-1-5-19..\RunOnce: [] File not found O4 - HKU\S-1-5-20..\RunOnce: [] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19E04987-082A-4DDC-A462-1F40C8DA516E}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFCF1368-503C-4ECF-9FBA-C39CD157AF40}: NameServer = 87.204.204.204,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCC5C337-101A-44DC-9D74-F2D51D9DCD91}: NameServer = 87.204.204.204,8.8.8.8 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (c:\progra~1\saveas\sprote~1.dll) - c:\Program Files\SaveAs\sprotector.dll () O20 - AppInit_DLLs: (c:\progra~1\justbr~1\sprote~1.dll) - c:\Program Files\JustBrowse\sprotector.dll () O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{25f93cbc-96ac-11df-8334-00218673ca54}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe O33 - MountPoints2\{25f93cbc-96ac-11df-8334-00218673ca54}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe O33 - MountPoints2\{5505614f-ac81-11e1-b9e9-00218673ca54}\Shell - "" = AutoRun O33 - MountPoints2\{5505614f-ac81-11e1-b9e9-00218673ca54}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c066495f-34ff-11e0-93d9-00218673ca54}\Shell\AutoRun\command - "" = g8k.exe O33 - MountPoints2\{c066495f-34ff-11e0-93d9-00218673ca54}\Shell\open\Command - "" = g8k.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ========== Files/Folders - Created Within 60 Days ========== [2013-01-22 13:27:54 | 000,000,000 | R--D | C] -- C:\Users\hp\Desktop\Nowy folder [2013-01-19 14:26:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013-01-19 14:26:08 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013-01-13 23:42:09 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DownTango [2013-01-13 23:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search [2013-01-13 23:40:56 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\DDownTango1aToolbar [2013-01-13 23:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\DDownTango1aToolbar [2013-01-13 23:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\Protected Search [2013-01-13 23:40:44 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\DownTango [2013-01-13 23:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Red Sky [2013-01-13 23:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Cloud Software LTD [2013-01-13 23:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\JustBrowse [2013-01-13 23:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro [2013-01-13 23:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro [2013-01-13 23:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\SaveAs [2013-01-13 23:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs [2013-01-13 23:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveAs [2013-01-13 23:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2013-01-12 21:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox(9) [2013-01-12 21:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-01-04 15:42:05 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\Zatrudnienie [2012-12-12 10:07:23 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\kazania [2012-12-07 09:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-12-07 09:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-06-09 18:03:27 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe [2010-06-09 18:03:06 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe [2010-06-09 18:02:44 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe [2010-06-09 18:02:23 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe [2010-06-09 18:01:56 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 60 Days ========== [2013-01-22 13:36:17 | 001,495,500 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2013-01-22 13:36:17 | 000,672,390 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2013-01-22 13:36:17 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013-01-22 13:36:17 | 000,130,766 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2013-01-22 13:36:17 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013-01-22 13:33:56 | 004,718,592 | -HS- | M] () -- C:\Users\hp\ntuser.dat [2013-01-22 13:29:11 | 000,050,176 | ---- | M] () -- C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-22 13:27:46 | 000,000,269 | ---- | M] () -- C:\ProgramData\hpqp.ini [2013-01-22 13:27:28 | 000,436,224 | ---- | M] () -- C:\Users\hp\Desktop\cacaoweb.exe [2013-01-22 13:26:31 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-01-22 13:25:10 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013-01-22 13:25:09 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013-01-22 13:24:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2013-01-22 13:24:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-01-22 13:24:48 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys [2013-01-22 10:39:49 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013-01-22 10:35:57 | 192,715,598 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013-01-19 14:35:51 | 000,524,288 | -HS- | M] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TMContainer00000000000000000002.regtrans-ms [2013-01-19 14:35:51 | 000,065,536 | -HS- | M] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TM.blf [2013-01-19 14:35:48 | 002,377,088 | -H-- | M] () -- C:\Users\hp\AppData\Local\IconCache.db [2013-01-17 22:34:58 | 000,001,356 | ---- | M] () -- C:\Users\hp\AppData\Local\d3d9caps.dat [2013-01-14 00:05:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-01-13 23:56:02 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-01-13 23:42:10 | 000,000,936 | ---- | M] () -- C:\Users\hp\Desktop\DownTango.lnk [2013-01-13 23:40:36 | 000,000,014 | ---- | M] () -- C:\end [2013-01-13 23:36:09 | 000,000,859 | ---- | M] () -- C:\Users\hp\Desktop\Optimizer Pro.lnk [2013-01-12 18:04:33 | 000,001,971 | ---- | M] () -- C:\Users\hp\Desktop\Google Chrome.lnk [2013-01-09 18:25:47 | 000,304,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013-01-08 18:58:04 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForhp.job [2013-01-05 20:10:52 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\AppleSoftwareUpdate.job [2012-12-07 09:30:48 | 000,001,880 | ---- | M] () -- C:\Users\hp\Desktop\Skype.lnk [2012-12-03 02:54:32 | 000,011,264 | ---- | M] () -- C:\Windows\Launcher.exe [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013-01-19 14:35:48 | 002,377,088 | -H-- | C] () -- C:\Users\hp\AppData\Local\IconCache.db [2013-01-19 14:26:01 | 3218,956,288 | -HS- | C] () -- C:\hiberfil.sys [2013-01-19 14:25:53 | 192,715,598 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013-01-13 23:42:10 | 000,000,936 | ---- | C] () -- C:\Users\hp\Desktop\DownTango.lnk [2013-01-13 23:40:57 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe [2013-01-13 23:40:33 | 000,000,014 | ---- | C] () -- C:\end [2013-01-13 23:36:09 | 000,000,859 | ---- | C] () -- C:\Users\hp\Desktop\Optimizer Pro.lnk [2012-12-24 23:19:05 | 003,733,661 | ---- | C] () -- C:\Users\hp\Documents\PA210015.JPG [2012-12-24 23:19:05 | 003,655,562 | ---- | C] () -- C:\Users\hp\Documents\PA210010.JPG [2012-12-24 23:19:05 | 003,654,756 | ---- | C] () -- C:\Users\hp\Documents\PA210004.JPG [2012-12-24 23:19:05 | 003,650,385 | ---- | C] () -- C:\Users\hp\Documents\PA210012.JPG [2012-12-24 23:19:05 | 003,650,112 | ---- | C] () -- C:\Users\hp\Documents\PA210005.JPG [2012-12-24 23:19:05 | 003,640,501 | ---- | C] () -- C:\Users\hp\Documents\PA210007.JPG [2012-12-24 23:19:05 | 003,623,897 | ---- | C] () -- C:\Users\hp\Documents\PA210014.JPG [2012-12-24 23:19:05 | 003,613,002 | ---- | C] () -- C:\Users\hp\Documents\PA210011.JPG [2012-12-24 23:19:05 | 003,578,865 | ---- | C] () -- C:\Users\hp\Documents\PA210016.JPG [2012-12-24 23:19:05 | 003,567,985 | ---- | C] () -- C:\Users\hp\Documents\PA210001.JPG [2012-12-24 23:19:05 | 003,524,524 | ---- | C] () -- C:\Users\hp\Documents\PA210009.JPG [2012-12-24 23:19:05 | 003,523,954 | ---- | C] () -- C:\Users\hp\Documents\PA210002.JPG [2012-12-24 23:19:05 | 003,506,741 | ---- | C] () -- C:\Users\hp\Documents\PA210008.JPG [2012-12-24 23:19:05 | 003,492,704 | ---- | C] () -- C:\Users\hp\Documents\PA210013.JPG [2012-12-24 23:19:05 | 003,364,904 | ---- | C] () -- C:\Users\hp\Documents\PA210003.JPG [2012-12-24 23:19:05 | 003,350,401 | ---- | C] () -- C:\Users\hp\Documents\PA210006.JPG [2012-12-12 01:33:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012-12-12 01:33:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012-12-07 09:30:48 | 000,001,880 | ---- | C] () -- C:\Users\hp\Desktop\Skype.lnk [2012-11-03 18:25:34 | 000,002,432 | ---- | C] () -- C:\Users\hp\AppData\Local\TempML4996.html [2012-10-31 22:11:56 | 000,002,432 | ---- | C] () -- C:\Users\hp\AppData\Local\TempXB2448.html [2012-10-31 22:11:56 | 000,002,089 | ---- | C] () -- C:\Users\hp\AppData\Local\TempLM2448.html [2012-06-26 22:08:19 | 003,672,770 | ---- | C] () -- C:\Users\hp\Scan.jpg [2011-02-22 21:42:09 | 000,524,288 | -HS- | C] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TMContainer00000000000000000002.regtrans-ms [2011-02-22 21:42:09 | 000,524,288 | -HS- | C] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TMContainer00000000000000000001.regtrans-ms [2011-02-22 21:42:09 | 000,065,536 | -HS- | C] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TM.blf [2011-01-17 21:38:41 | 003,682,304 | ---- | C] () -- C:\Users\hp\s-1-5-21-168299090-1096314759-280584690-1000.rrr [2010-09-01 23:30:51 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2010-07-01 18:14:35 | 000,001,356 | ---- | C] () -- C:\Users\hp\AppData\Local\d3d9caps.dat [2010-06-21 21:47:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-06-21 09:10:24 | 000,050,176 | ---- | C] () -- C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-09 12:04:42 | 000,000,269 | ---- | C] () -- C:\ProgramData\hpqp.ini [2009-12-02 13:45:59 | 000,071,528 | ---- | C] () -- C:\Users\hp\AppData\Local\GDIPFONTCACHEV1.DAT [2009-12-02 13:33:48 | 000,524,288 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2009-12-02 13:33:48 | 000,524,288 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2009-12-02 13:33:48 | 000,065,536 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2009-12-02 13:33:48 | 000,000,020 | -HS- | C] () -- C:\Users\hp\ntuser.ini [2009-12-02 13:33:47 | 004,718,592 | -HS- | C] () -- C:\Users\hp\ntuser.dat ========== ZeroAccess Check ========== [2006-11-02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== ========== Purity Check ========== ========== Custom Scans ========== < %systemdrive%\*.* > [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2013-01-13 23:40:36 | 000,000,014 | ---- | M] () -- C:\end [2013-01-22 13:24:48 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys [2010-11-24 01:52:44 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-24 01:52:44 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2009-07-07 09:30:20 | 000,000,628 | ---- | M] () -- C:\NetworkCfg.xml [2013-01-22 13:24:45 | 3532,742,656 | -HS- | M] () -- C:\pagefile.sys [2013-01-13 23:40:56 | 000,000,129 | ---- | M] () -- C:\SetSearchAndHomepageInBrowserLog.txt [2012-02-14 08:43:26 | 000,000,240 | ---- | M] () -- C:\user.js [2011-04-22 14:07:31 | 000,002,304 | ---- | M] () -- C:\{1D71C8FF-B0CB-4B02-ACE8-C5B28E796AC3} [2011-10-13 23:29:09 | 000,002,472 | ---- | M] () -- C:\{26925EF2-CB29-4FBC-A1FE-4774A5684C0B} [2011-04-22 18:30:21 | 000,002,368 | ---- | M] () -- C:\{52115126-C1B5-4AE3-8468-CAD2C9435483} [2011-03-08 13:36:28 | 000,002,368 | ---- | M] () -- C:\{5AF059B7-2BDF-46DC-AC9C-7538B06A6E50} [2011-03-08 13:38:44 | 000,002,448 | ---- | M] () -- C:\{9082D02F-1EB8-4D22-9A39-596CF1B20947} [2011-04-22 16:00:20 | 000,002,440 | ---- | M] () -- C:\{B125525A-B702-4787-90E8-615F34CD2AB3} [2011-04-22 14:11:52 | 000,002,480 | ---- | M] () -- C:\{C0489287-CEEC-43E5-9051-51773D5EBBBB} < MD5 for: AGP440.SYS > [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\ProgramData\SMR311\Archive\agp440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Users\All Users\SMR311\Archive\agp440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\ProgramData\SMR311\Archive\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\All Users\SMR311\Archive\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: BEEP.SYS > [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\ProgramData\SMR311\Archive\Beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Users\All Users\SMR311\Archive\Beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys < MD5 for: CDROM.SYS > [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\ProgramData\SMR311\Archive\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\All Users\SMR311\Archive\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys < MD5 for: EVENTLOG.DLL > [2007-01-12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll < MD5 for: NDIS.SYS > [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\ProgramData\SMR311\Archive\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Users\All Users\SMR311\Archive\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008-01-21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys < MD5 for: WINLOGON.EXE > [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\hp\Desktop\m-legion-bdrip.avi:TOC.WMV @Alternate Data Stream - 24 bytes -> C:\Windows:2EDB1FD6807D48C4 @Alternate Data Stream - 168 bytes -> C:\ProgramData\Temp:D1B5B4F1 @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:373E1720 < End of report > [/spoiler] Info: [spoiler]info.txt logfile of random's system information tool 1.09 2013-01-22 14:07:19 ======Uninstall list====== Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} 3D Ultra Pinball Thrillride-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1AB76C0-333F-11D5-BF46-0002B306C443}\Setup.exe" Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{FE23D063-934D-4829-A0D8-00634CE79B4A} Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -maintain activex Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -maintain plugin Adobe Reader 8.1.0 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81000000003} Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A} Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {04E205D6-88B1-4652-B162-42DF2C3B1228} Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86} Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {128A36ED-21BE-4547-9FFE-5B85AEC735DD} AMD Driver Support for HP 3D DriverGuard-->MsiExec.exe /X{4BFA6EEB-AAED-4334-8E98-A907DE4DD5CF} AP Tuner 3.08-->"C:\Program Files\AP Tuner\AP Tuner 3.08\uninstall.exe" Apple Software Update-->MsiExec.exe /I{55FA89BD-21D3-42F7-9249-C94C0094A83C} Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0015 Babylon toolbar on IE-->"C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe" Bing Bar-->MsiExec.exe /X{D6C3C9E7-D334-4918-BD57-5B1EF14C207D} Budzik 1.04-->"C:\Program Files\Budzik\unins000.exe" Catalyst Control Center - Branding-->MsiExec.exe /I{3FA93E4C-CB3B-4B25-B091-9DB0FCC56A74} Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników-->MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E} Centrum obsługi urządzeń z systemem Windows Mobile-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917} Cicero v1.0-->"C:\Program Files\Cicero\unins000.exe" Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3} Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560} Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E} CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD" Conduit Engine -->C:\Program Files\ConduitEngine\ConduitEngineUninstall.exe engine CyberLink DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} DevalVR plugin for Internet Explorer (remove)-->C:\Program Files\DevalVR\installdevalvr.exe /u Digital Photo Navigator 1.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}\setup.EXE" -l0x9 DigitalPersona Personal 4.11-->MsiExec.exe /I{47F3EDF5-C821-49E6-B9B3-D00BF0A9BAB8} DownTango Launcher 2.1-->"C:\Program Files\DDownTango1aToolbar\unins000.exe" DownTango-->C:\Program Files\Red Sky\DownTango\Uninstaller.exe DVDVideoSoftTB Toolbar-->C:\Program Files\DVDVideoSoftTB\uninstall.exe Easy CD Ripper 2.26-->C:\Program Files\Kongsoft\Easy CD Ripper\uninst.exe Everio MediaBrowser HD Edition-->"C:\Program Files\InstallShield Installation Information\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}\setup.exe" -runfromtemp -l0x0015UNINSTALL -removeonly Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7} Free Video to JPG Converter version 1.8-->"C:\Program Files\DVDVideoSoft\Free Video to JPG Converter\unins000.exe" Fundusze Unijne dla Firm i Instytucji-->"C:\Program Files\Fundusze Unijne dla Firm i Instytucji\uninstall.exe" "/U:C:\Program Files\Fundusze Unijne dla Firm i Instytucji\Uninstall\uninstall.xml" Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431} Google Chrome-->"C:\Program Files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409 HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9 -removeonly HP Deskjet 2050 J510 series Badanie ulepszeń produktu-->MsiExec.exe /I{D3CE109F-10BB-4048-A8CB-72FD23FA34F4} HP Deskjet 2050 J510 series Podstawowe oprogramowanie urządzenia-->MsiExec.exe /I{DD2469BA-DDE0-4296-A021-501559DD96C0} HP Deskjet 2050 J510 series Pomoc-->MsiExec.exe /I{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F} HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F} HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9 -removeonly HP Integrated Module with Bluetooth wireless technology 6.0.1.6200-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D} HP Photo Creations-->C:\Program Files\HP Photo Creations\uninst.exe HP Quick Launch Buttons 6.40 D3-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0015 uninst HP QuickPlay 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall HP QuickTouch 1.00 D2-->MsiExec.exe /I{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F} HP Update-->MsiExec.exe /X{DDD5104F-1C44-49EB-9E6B-29EC5D27658B} HP User Guides 0102-->MsiExec.exe /I{F48098CD-2D66-4861-85EC-DC1D4D09D5F9} HP Wireless Assistant-->MsiExec.exe /I{A5CE7175-080D-49AC-B5A3-E7E3502428F5} HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4} IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x15 -remove -removeonly Informator 1.2.0.426-->"C:\Program Files\Informator\unins000.exe" ipla 2.4-->C:\Program Files\ipla\uninst.exe iPlus manager 2.2-->"C:\Program Files\iPlus\unins000.exe" Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF} Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} JMicron JMB38X Flash Media Controller-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" -l0x9 -removeonly Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} K-Lite Mega Codec Pack 7.1.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall LightScribe System Software 1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034} Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft .NET Framework 4 Client Profile PLK Language Pack-->MsiExec.exe /X{321320E1-0E5A-36CB-9E52-F3B201B8C4D4} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {01CC3B2D-70DB-49DC-839A-A923D2A39EA4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {01CC3B2D-70DB-49DC-839A-A923D2A39EA4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {01CC3B2D-70DB-49DC-839A-A923D2A39EA4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {0C8AB602-A234-45AB-B355-4C863C1D2FA8} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {01CC3B2D-70DB-49DC-839A-A923D2A39EA4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (Polish)-->MsiExec.exe /X{95120000-00AF-0415-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE} Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {9CC96D78-9E1D-46E0-AF4D-3EB440CD4619} Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE} Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Works-->MsiExec.exe /I{306B39C9-3AB1-4161-8567-9C7E50B41AE3} Mobilny Internet-->"C:\Program Files\InstallShield Installation Information\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}\setup.exe" -runfromtemp -l0x0015 -removeonly Mozilla Firefox 18.0 (x86 pl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe" MP3 Player Utilities 4.10-->MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Nokia Connectivity Cable Driver-->RUNDLL32.EXE nsesetup.dll,DoNTUninst Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\19.9.0.9\InstStub.exe /X /ARP OLYMPUS Digital Camera Updater-->MsiExec.exe /X{249AF4F3-0353-4C75-988D-019FCD52B4D4} Olympus ib-->"C:\Program Files\InstallShield Installation Information\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\setup.exe" /z-uninstall Olympus ib-->"C:\Program Files\InstallShield Installation Information\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\setup.exe" /z-uninstall OLYMPUS Viewer 2-->MsiExec.exe /X{894A754D-8B40-4543-89B3-F30A49A8565A} Optimizer Pro v3.0-->"C:\Program Files\Optimizer Pro\unins000.exe" Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exe Pakiet sterowników systemu Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)-->C:\PROGRA~1\DIFX\25C232B9F73C1237\DPInst.exe /d /u C:\Windows\System32\DriverStore\FileRepository\olycamcomm.inf_ac7d07ea\olycamcomm.inf Pakiet zgodności dla systemu Office 2007-->MsiExec.exe /X{90120000-0020-0415-0000-0000000FF1CE} Pasek narzędzi AOL 5.0-->"C:\Program Files\AOL\Pasek narzędzi AOL 5.0\uninstall.exe" PlayReady PC Runtime x86-->MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} Płyta ucznia-->C:\Program Files\Plyta ucznia\Uninstal.exe Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1} Podstawowe programy Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383} Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1045 /parameterfolder ClientLP Pomocnik Messenger-->MsiExec.exe /I{BD8DA595-F501-4ABE-85A0-5C23E82472A0} Poradnik Antykryzysowy 2010-->"C:\Program Files\Poradnik Antykryzysowy 2010\uninstall.exe" "/U:C:\Program Files\Poradnik Antykryzysowy 2010\Uninstall\uninstall.xml" Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall Protected Search 1.1-->"C:\Program Files\Protected Search\unins000.exe" ProtectSmart Hard Drive Protection-->MsiExec.exe /X{DD876490-252F-4EEF-B205-2E8F5A6E523B} Przyspiesz Komputer - Kompletna deinstalacja-->"C:\Program Files\Przyspiesz Komputer\unins000.exe" QuickTime-->MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8} Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0015 -removeonly Registry Mechanic 9.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log Samsung CLP-310 Series-->C:\Program Files\Samsung\Samsung CLP-310 Series\Install\Setup.exe /R SaveAs 1.66-->"C:\Program Files\SaveAs\uninstall.exe" /FULLPATH="C:\Program Files\SaveAs" SaveAs-->"C:\ProgramData\SaveAs\uninstall.exe" /path=C:\ProgramData\SaveAs Search Assistant JustBrowse 1.66-->"C:\Program Files\JustBrowse\uninstall.exe" /FULLPATH="C:\Program Files\JustBrowse" Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {939AF4BC-EC42-38D1-AE82-91D4A7ED8911} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9} Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46} Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75} Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391} Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C} Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE} Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15} Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {43171CAD-DC60-4E7B-9703-B2EC18001B9F} Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7} Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {020B65AD-B2ED-4B35-92CA-DB56EFB864A5} Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5} Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962} Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12} Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120} Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053} Startup Manager 2.4.2-->"C:\Program Files\Startup Manager\unins000.exe" swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TuxGuitar 1.1-->C:\Program Files\tuxguitar-1.1-jet\Uninstall.exe TuxGuitar 1.2-->C:\Program Files\TuxGuitar-Jet\Uninstall.exe Two Worlds Pinball-->C:\PROGRA~1\TWOWOR~1\Unwise.exe /U C:\PROGRA~1\TWOWOR~1\install.log Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C} Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C} Validity Sensors software-->MsiExec.exe /X{567E8236-C414-4888-8211-3D61608D57AE} Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99} Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Family Safety-->MsiExec.exe /I{0C6994E1-3AE1-4CDD-A760-1628E6B8CD03} Windows Live Family Safety-->MsiExec.exe /X{F53D678E-238F-4A71-9742-08BB6774E9DC} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9} Windows Live Messenger-->MsiExec.exe /X{2C7E8AA1-9C03-4606-BF34-5D99D07964DA} Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90} Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76} Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} Windows Live Remote Client Resources-->MsiExec.exe /I{C30628D8-D3A0-4F23-90F0-F145808087B6} Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF} Windows Live Remote Service Resources-->MsiExec.exe /I{201B5096-AF6E-423E-B987-023E040D9B42} Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{543E6ACA-51B7-4283-82F2-57C0582A53C5} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80} XTB-Trader FIX 4.00-->"C:\Program Files\XTB-Trader FIX\Uninstall.exe" "C:\Program Files\XTB-Trader FIX\install.log" ======Security center information====== AS: Windows Defender ======System event log====== Computer Name: hp-PC Event Code: 7036 Message: Usługa Dysk wirtualny weszła w stan uruchomienia. Record Number: 2340239 Source Name: Service Control Manager Time Written: 20121203191138.000000-000 Event Type: Informacje User: Computer Name: hp-PC Event Code: 3 Message: Usługa została uruchomiona. Record Number: 2340238 Source Name: Virtual Disk Service Time Written: 20121203191138.000000-000 Event Type: Informacje User: Computer Name: hp-PC Event Code: 133 Message: Urządzenie \Device\CdRom0 jest zablokowane do wyłącznego dostępu. Record Number: 2340237 Source Name: cdrom Time Written: 20121203191109.478800-000 Event Type: Informacje User: Computer Name: hp-PC Event Code: 51 Message: Podczas operacji stronicowania wykryto błąd urządzenia \Device\CdRom0. Record Number: 2340236 Source Name: cdrom Time Written: 20121203191102.476800-000 Event Type: Ostrzeżenie User: Computer Name: hp-PC Event Code: 51 Message: Podczas operacji stronicowania wykryto błąd urządzenia \Device\CdRom0. Record Number: 2340235 Source Name: cdrom Time Written: 20121203191102.428800-000 Event Type: Ostrzeżenie User: =====Application event log===== Computer Name: hp-PC Event Code: 1000 Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie załadowane. Dane rekordu w sekcji danych zawierają nowe wartości indeksu przypisane do tej usługi. Record Number: 65263 Source Name: Microsoft-Windows-LoadPerf Time Written: 20111010193951.000000-000 Event Type: Informacje User: Computer Name: hp-PC Event Code: 1001 Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie usunięte. Dane rekordu zawierają nowe wartości wpisów Last Counter (ostatni licznik) i Last Help (ostatnia Pomoc) do Rejestru systemowego. Record Number: 65262 Source Name: Microsoft-Windows-LoadPerf Time Written: 20111010193951.000000-000 Event Type: Informacje User: Computer Name: hp-PC Event Code: 1000 Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie załadowane. Dane rekordu w sekcji danych zawierają nowe wartości indeksu przypisane do tej usługi. Record Number: 65261 Source Name: Microsoft-Windows-LoadPerf Time Written: 20111010170837.000000-000 Event Type: Informacje User: Computer Name: hp-PC Event Code: 1001 Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie usunięte. Dane rekordu zawierają nowe wartości wpisów Last Counter (ostatni licznik) i Last Help (ostatnia Pomoc) do Rejestru systemowego. Record Number: 65260 Source Name: Microsoft-Windows-LoadPerf Time Written: 20111010170837.000000-000 Event Type: Informacje User: Computer Name: hp-PC Event Code: 0 Message: Record Number: 65259 Source Name: gupdate Time Written: 20111010162714.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: hp-PC Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: HP-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2c0 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 1622385 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121231200705.741327-000 Event Type: Sukces inspekcji User: Computer Name: hp-PC Event Code: 4648 Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: HP-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Konto, którego poświadczenia zostały użyte: Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Serwer docelowy: Nazwa serwera docelowego: localhost Informacje dodatkowe: localhost Informacje o procesie: Identyfikator procesu: 0x2c0 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Adres sieciowy: - Port: - To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS. Record Number: 1622384 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121231200705.741327-000 Event Type: Sukces inspekcji User: Computer Name: hp-PC Event Code: 4672 Message: Przypisano specjalne uprawnienia do nowego logowania. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Uprawnienia: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 1622383 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121231200603.461327-000 Event Type: Sukces inspekcji User: Computer Name: hp-PC Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: HP-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Typ logowania: 5 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x2c0 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Nazwa stacji roboczej: Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: Advapi Pakiet uwierzytelniania: Negotiate Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 1622382 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121231200603.461327-000 Event Type: Sukces inspekcji User: Computer Name: hp-PC Event Code: 4648 Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: HP-PC$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Konto, którego poświadczenia zostały użyte: Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Serwer docelowy: Nazwa serwera docelowego: localhost Informacje dodatkowe: localhost Informacje o procesie: Identyfikator procesu: 0x2c0 Nazwa procesu: C:\Windows\System32\services.exe Informacje o sieci: Adres sieciowy: - Port: - To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS. Record Number: 1622381 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20121231200603.461327-000 Event Type: Sukces inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=17 "PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD "PROCESSOR_REVISION"=0301 "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "OnlineServices"=Online Services "Platform"=MCD "PCBRAND"=Pavilion "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ -----------------EOF----------------- [/spoiler] Extras: [spoiler]OTL Extras logfile created on: 2013-01-22 13:39:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hp\Desktop\Nowy folder Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 60,98% Memory free 6,21 Gb Paging File | 5,08 Gb Available in Paging File | 81,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 289,95 Gb Total Space | 95,94 Gb Free Space | 33,09% Space Free | Partition Type: NTFS Drive D: | 8,14 Gb Total Space | 1,54 Gb Free Space | 18,97% Space Free | Partition Type: NTFS Computer Name: HP-PC | User Name: hp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 "InternetSettingsDisableNotify" = 1 "AutoUpdateDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] "DisableConfig" = 0 "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0151E82E-B491-4379-82C3-ABA4EECFB187}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{09DC1549-44F2-4456-9483-64B910A48BF9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe | "{0AD14EC8-26B4-4EEF-8C51-93C3D97AF580}" = rport=137 | protocol=17 | dir=out | app=system | "{0CC79213-2DB2-40F0-8C6E-B8F4E3082417}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{0F64B037-2549-4E05-8699-3BBEB1B30E1A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{120CC1B1-5987-4225-A0BC-7DC084E2BFE7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{184BD8F3-BA9E-464D-BC44-2F2BBB860EE4}" = rport=445 | protocol=6 | dir=out | app=system | "{25281FED-579F-4539-BCEB-9D7C854B760F}" = rport=2869 | protocol=6 | dir=out | app=system | "{393EE194-966D-40E6-9FC4-834E42BCB5ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{394AD5F6-6A2F-44D2-95C8-2B69BDABF5A4}" = lport=2869 | protocol=6 | dir=in | app=system | "{46229F56-7254-4490-B42C-A3E0E1300273}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe | "{50CF6EDC-5C3E-4989-AECE-F2A7C768E9C1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{58331D06-2EB0-4C19-8422-65439B882BA2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5E956595-CFE2-4FB6-B985-C71BCAE154F3}" = lport=445 | protocol=6 | dir=in | app=system | "{5F7DFBAC-AECE-4BB4-A102-D22C9F8DD2C7}" = lport=138 | protocol=17 | dir=in | app=system | "{654730B8-A41F-4109-937D-5ABB78337DA9}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{699AB5FC-4A5B-4561-89D1-6A5303CA6837}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{6F977023-FBDE-42F8-88A1-01118AE9CE55}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{70B4F1B7-CD09-4D50-95A4-A34532362168}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{74B05C41-7641-4229-B2AD-01CEC804CF6B}" = lport=137 | protocol=17 | dir=in | app=system | "{7989B699-5882-4E2A-BFE7-8B7F41B5A569}" = lport=2869 | protocol=6 | dir=in | app=system | "{800B39C4-BF82-4527-BDB5-DF3407F9ADB8}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{83B83DF0-CEAC-4EAF-A1DF-D07B1EABE078}" = rport=139 | protocol=6 | dir=out | app=system | "{8634AA2E-AEAB-458F-821F-0EC304FAD4C2}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{891A7C87-F0E6-40B3-A4BC-6EF3FAFB3FBC}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{8BA257B2-4114-421C-A440-5CBB782F5307}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{AC71319B-9FAE-4A1F-A276-E932DAA2F72D}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{B27A3AA1-9F40-4D50-B2CC-173DC10A5DFB}" = rport=138 | protocol=17 | dir=out | app=system | "{C364BE91-8E6D-41A2-996D-E10A289A8DFC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C4325037-B412-46F3-943D-7E00ED9EBC76}" = rport=10243 | protocol=6 | dir=out | app=system | "{C5EA3CF0-F183-46E7-893E-B98ECC77582D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | "{CCB6CA6F-20C1-45CB-836B-A3223B995F0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CF2D701F-8E07-4E73-862E-50D6253973A7}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{D3FC4031-4738-4821-846B-5BC1FA9826E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{E2D58D82-857B-44E1-9C3B-6212DD9B7B3A}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{E61FB5AD-38FA-4FE6-95A0-B7E8084F9859}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E87D7491-B5CC-4D07-A9F6-3B663BDF1AAC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{F0396BB9-6942-46F7-ABD7-6A593E5575D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{F1BA8C8A-ACF6-4B45-AFE7-5BBEB6B6B604}" = lport=10243 | protocol=6 | dir=in | app=system | "{F39CFE75-099A-4572-A230-E4561672993B}" = lport=139 | protocol=6 | dir=in | app=system | "{F414E2A0-A00F-4543-B209-16605A040CD2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{FAE41C7C-47D8-4295-BD27-45CF56798192}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FB294673-AD01-4CB1-8A52-53B655DD1B66}" = lport=2869 | protocol=6 | dir=in | app=system | "{FC2D1DE6-3DF6-4969-A764-AA18109C459F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe | "{FCE87B5E-EA8C-46EF-9903-FA95569A7411}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04C0FFDD-B88B-456B-A9E6-A2A0F83809CB}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{09908919-1AFD-448B-A5AE-4C1EF143105E}" = protocol=17 | dir=in | app=c:\program files\red sky\downtango\downtango.exe | "{0D016730-8949-4056-A96D-DDC8758FD49A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{11B7C6FB-7C6E-4769-8150-DBEFD5CFD5E8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{13EAA4CE-1101-491E-87EA-044F0E5FB440}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1AB0663A-3227-4A61-BFE2-DB68984B0BE7}" = protocol=6 | dir=out | app=system | "{2646F3A2-D8EF-4FD4-8747-A5AAFA156D09}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{28205F54-A55A-4D70-817A-1D7C5783F3A6}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{2EFC7E6E-9913-48B1-8F66-2E6AFC7F54EB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{35057A5D-C384-4F6A-85C9-D9F8E39C49C8}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | "{3710CAE6-6C99-48AB-AA29-2B9532B0AC44}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{4BBE2BA1-11FB-4F1D-B272-298DBF479CC0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{4BC3E29F-033B-4AC0-AE8F-218C055655F2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{4C2FF2DA-0535-4C46-8D72-F03E35EDAAEA}" = dir=out | app=c:\program files\protected search\protectedsearch.exe | "{5030E44A-3ECD-4FCD-A3AE-9370D47D383C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{53011F2D-D20A-46A5-A9F3-BFA0F7ABB93E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{5586531D-E122-49CD-93B0-22B90BAE60EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5604ED20-8AD7-4563-8EA2-F84C8476367E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5A52653F-0EF8-4261-8E2A-1D981560EFC4}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | "{5BA71E0D-4A12-4BA0-89BB-7E5C4392EF05}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{5C9FA5E0-D240-4EB7-ADC4-6F074AED6421}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5E863BDC-57DD-4B70-B1F5-2DF84696C4DF}" = protocol=17 | dir=in | app=c:\program files\red sky\downtango\pyload-dist\pyloadcore.exe | "{5F957B20-5182-4391-9A82-9DE8D8962381}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{65358EB2-6A44-4F59-AFEB-9DC3506F0628}" = dir=in | app=c:\program files\msn messenger\livecall.exe | "{666107AF-AD1D-40B3-A333-71F07E411F3C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{678116D0-2FD4-458C-8C9D-68D013D912B9}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{70100D1B-D751-4D93-B989-856815D47EA6}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{74D823C2-4C6B-4A6F-92A2-CD91F080C070}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{7598C129-C398-4261-8F69-371AA3D23128}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{76AD8FF1-72C2-4C55-8F2A-33CAB991DB85}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{82B200EC-2A44-4663-A192-4460D6D2B011}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{89DBEE2C-348A-47CB-941D-13288DB3852E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{8AE17255-4327-42E7-AB05-F1EEF53AB04D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8D2F7B0E-06E5-47EC-96B3-75514B344209}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{9338CA6C-CACE-4B0B-9E02-90057B8201AA}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{980A62C0-6577-41BC-8380-DB89A5F2F875}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A3DB4246-4415-4A04-9A1D-29905F928836}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{A8102F6F-E6F5-4449-B4E8-B6934341E629}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{AB289967-F166-4F45-BFF6-98BFD618DFA8}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | "{ACCCA3AB-2B17-46C1-ADAE-2587DE586654}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{AD52E77F-C2D1-46F2-9DC7-F2D6F1F3FDD5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{ADB4BB03-E342-43B0-92AA-582BE121A069}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{AE0F122A-6D9E-4014-A876-6E40BD3687CA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{AED8455A-5613-453E-9746-2FE48EB77A3A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{B243779A-3C69-4256-AC35-62B8BD18DD17}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{B6E96F87-C13C-41C6-98AF-49F5A80EC908}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{BFEE4B8F-DDDA-4152-8634-841F4BBB51D7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{C460AC67-3968-46E7-91FB-2CC238E7C371}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{C9FA8622-3AB2-4CAE-A456-EE131C861CEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{CB0FFFD0-4C4A-4990-B7F2-3EC93F96CFED}" = protocol=6 | dir=in | app=c:\program files\red sky\downtango\downtango.exe | "{D3F782E4-7C1C-4850-B0CF-EDA0D962A33A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E3C570CE-E00F-4A6B-A8F3-34B928424158}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E4038ECA-F231-490C-8A36-CA82CECE844D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{E76C7D36-9ADD-4003-AE20-ABF5813F7C7D}" = dir=in | app=c:\program files\protected search\protectedsearch.exe | "{E8C574F8-3218-4920-9C74-82C686FC857E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F8E23EBC-954F-4CAC-BF9C-3FE876CB224D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F976D195-81BA-4910-B70A-1AF998F72F77}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{FBD13F9E-08AA-4B3D-B47A-33E13AC0C780}" = protocol=6 | dir=in | app=c:\program files\red sky\downtango\pyload-dist\pyloadcore.exe | "{FE24B717-4F99-4CEF-ABFA-4DB338B16D20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{3ADC0A0F-746B-46F0-89D1-463E60371BFD}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{36F7DC00-7C28-45E8-B468-31E6CF59C9B0}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{024D1716-9F42-0039-06E5-F4279D6C4382}" = CCC Help Russian "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200 "{04556846-E511-3FE9-E824-3588075C8036}" = Catalyst Control Center Graphics Full Existing "{05CD72BE-7783-AAB9-0C05-2D8DBD2DD444}" = Catalyst Control Center Localization Dutch "{0612E132-33FF-4488-9C31-F8D485D6866D}" = Catalyst Control Center Graphics Light "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B3DB1B2-404C-AAA8-B32E-E65520EDE74D}" = CCC Help Polish "{0C6994E1-3AE1-4CDD-A760-1628E6B8CD03}" = Windows Live Family Safety "{10504622-2818-C312-55CC-A72D36A31DBC}" = CCC Help Swedish "{16726771-C380-4280-BAF9-1223B3838786}" = SaveAs "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{201B5096-AF6E-423E-B987-023E040D9B42}" = Windows Live Remote Service Resources "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{249AF4F3-0353-4C75-988D-019FCD52B4D4}" = OLYMPUS Digital Camera Updater "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{2A34320A-56F9-9C4F-D325-77AC8A54C8B6}" = Catalyst Control Center Localization Japanese "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2C9FF444-79C0-C0C4-7B21-0E77C872AF53}" = CCC Help Danish "{2CA3E0A5-9281-6E67-1843-A6CC0B00BD74}" = Catalyst Control Center Localization French "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2 "{31775690-0E29-2AB1-75DE-C406152CBD1D}" = Catalyst Control Center Localization Chinese Standard "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3466C4D1-508A-0E36-EB05-2E53766F27E0}" = CCC Help Italian "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3 "{38DCD6F5-C4DC-25E5-C113-0A909558FC2C}" = CCC Help Norwegian "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = XTB-Trader FIX 4.00 "{3FA160E2-066B-8D77-FCF4-F001F236E8E7}" = CCC Help Spanish "{3FA93E4C-CB3B-4B25-B091-9DB0FCC56A74}" = Catalyst Control Center - Branding "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{431CED44-A6D3-4E4A-2B76-04D1A861FCCE}" = Catalyst Control Center Localization Swedish "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7 "{475144D0-A4D6-C553-42B5-7BB60FCEF9EC}" = Catalyst Control Center Localization German "{47F3EDF5-C821-49E6-B9B3-D00BF0A9BAB8}" = DigitalPersona Personal 4.11 "{49BA6327-744C-3D20-16DB-6E98BF66D0FD}" = Catalyst Control Center Localization Danish "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B4D411D-E363-7E6B-68C3-C8E2EF02B7C6}" = CCC Help Chinese Traditional "{4BFA6EEB-AAED-4334-8E98-A907DE4DD5CF}" = AMD Driver Support for HP 3D DriverGuard "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{50DB0F17-4180-31F7-F26B-B40CBA8BA6E0}" = CCC Help German "{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend "{5396C246-53B5-4BBA-62DC-8308C7357EFE}" = Catalyst Control Center Localization Polish "{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack "{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}" = Everio MediaBrowser HD Edition "{54CAEF60-0258-2D8E-F01F-24BC689EA8A9}" = Catalyst Control Center Localization Portuguese "{55FA89BD-21D3-42F7-9249-C94C0094A83C}" = Apple Software Update "{560BB29B-41C5-88E4-4847-B4B1DDB47B9B}" = Catalyst Control Center Localization Czech "{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software "{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2 "{59748B12-406B-7EA4-355D-3BBD62E97C69}" = Catalyst Control Center Localization Turkish "{5B4E5823-7265-9A19-A871-36E75824F7BE}" = CCC Help French "{5D2CF9D0-113A-476B-986F-288B54571614}" = DevalVR plugin for Internet Explorer (remove) "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5EBC76DA-573E-7D96-A6F8-F4B9DE97A15F}" = Catalyst Control Center Localization Greek "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{623AD94E-1621-5AA1-BD6D-0EF08C9D7851}" = Catalyst Control Center Core Implementation "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6DBCFFF6-2A7B-4AE4-8FC8-1216442E2814}" = CCC Help Korean "{6FCBD7F7-6A29-089F-E5DB-E33EFCF306CD}" = Catalyst Control Center Localization Spanish "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{762D9F20-593B-436E-CAC3-B3D9F4DA7A90}" = Catalyst Control Center Localization Chinese Traditional "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Pomoc "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{80C2AD19-97A2-C829-38DE-5FD5B47F122B}" = ATI Catalyst Install Manager "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8436F8D7-AA62-83DA-3BC5-E04871BF5F61}" = CCC Help Portuguese "{84F40C39-1E61-B3A7-833A-3A376AB53394}" = CCC Help Japanese "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{894A754D-8B40-4543-89B3-F30A49A8565A}" = OLYMPUS Viewer 2 "{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.10 "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum obsługi urządzeń z systemem Windows Mobile "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{9261ee68-71c2-4cd8-8683-cb6a0cac69f8}_is1" = DownTango Launcher 2.1 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{931FB38C-D5D4-4DBD-3723-50140A67F276}" = CCC Help Turkish "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{96A959C9-51E1-C920-A9FA-269BB462A940}" = CCC Help Czech "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A102E7E3-2A4E-F509-3EF6-019F45C83196}" = CCC Help Dutch "{A57222BD-51E3-7765-A008-9B6428402A59}" = CCC Help Hungarian "{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8ACD338-255C-B53D-7F19-ED7293B291E8}" = Catalyst Control Center Localization Norwegian "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobilny Internet "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1045-7B44-A81000000003}" = Adobe Reader 8.1.0 - Polish "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{BD41A0CF-79B4-98D8-B9B9-3DE8BEC8A861}" = Catalyst Control Center Localization Finnish "{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{BF73859E-9657-4876-8218-C19F578BDF63}_is1" = Cicero v1.0 "{C30628D8-D3A0-4F23-90F0-F145808087B6}" = Windows Live Remote Client Resources "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C4B2636B-D76D-7C23-3010-99E96693F0B5}" = Catalyst Control Center Graphics Previews Vista "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C9E9386A-7E81-796A-3465-8471A239A8A0}" = CCC Help Chinese Standard "{CA4498C8-5146-E527-27A7-1B4F81C9BF05}" = CCC Help Thai "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5 "{D3CE109F-10BB-4048-A8CB-72FD23FA34F4}" = HP Deskjet 2050 J510 series Badanie ulepszeń produktu "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar "{DD2469BA-DDE0-4296-A021-501559DD96C0}" = HP Deskjet 2050 J510 series Podstawowe oprogramowanie urządzenia "{DD876490-252F-4EEF-B205-2E8F5A6E523B}" = ProtectSmart Hard Drive Protection "{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update "{DEC3A80C-49D3-2885-2A03-3FBA61A5D40F}" = Catalyst Control Center Localization Italian "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B276B1-97D7-7AD2-548F-248A7745A1ED}" = CCC Help Greek "{E2ADC6FA-4233-54E6-29EC-E60EAD096A50}" = Catalyst Control Center Localization Hungarian "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E3EA025D-29A0-530C-9CA7-DBB5C49BB6DB}" = Skins "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E7044E25-3038-4A76-9064-344AC038043E}" = Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników "{E96FFA19-E94B-D32B-E103-E78A0877245A}" = Catalyst Control Center Localization Thai "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EAE4AD65-89F2-3DE8-DF46-CCB34393CAA0}" = Catalyst Control Center Localization Russian "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE3D717C-D93F-2A2B-F641-F59F48E11895}" = ccc-utility "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F1AB76C0-333F-11D5-BF46-0002B306C443}" = 3D Ultra Pinball Thrillride "{F447BD4C-65C3-A6D9-8A5F-5E822E32E1BC}" = Catalyst Control Center Localization Korean "{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102 "{F48FEA7A-2B87-8270-927C-20A0E7E5EBC2}" = CCC Help English "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package "{FCC92CBC-F520-A906-C002-9A6236308916}" = Catalyst Control Center Graphics Full New "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FEC99680-66C4-C8C7-084B-2FB1B257777C}" = CCC Help Finnish "{FEEDAB32-F937-8319-D3F1-FFFC98C2111E}" = ccc-core-static "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "AOL Toolbar" = Pasek narzędzi AOL 5.0 "AP Tuner 3.08" = AP Tuner 3.08 "BabylonToolbar" = Babylon toolbar on IE "Budzik_is1" = Budzik 1.04 "CloneCD" = CloneCD "conduitEngine" = Conduit Engine "DownTango" = DownTango "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Pakiet sterowników systemu Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) "Easy CD Ripper" = Easy CD Ripper 2.26 "Free Video to JPG Converter_is1" = Free Video to JPG Converter version 1.8 "Fundusze Unijne dla Firm i Instytucjib1.0" = Fundusze Unijne dla Firm i Instytucji "Google Chrome" = Google Chrome "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Photo Creations" = HP Photo Creations "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "ipla" = ipla 2.4 "iPlus manager_is1" = iPlus manager 2.2 "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.1.0 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 18.0 (x86 pl)" = Mozilla Firefox 18.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NIS" = Norton Internet Security "Optimizer Pro_is1" = Optimizer Pro v3.0 "Paseczek_is1" = Informator 1.2.0.426 "PCSU-SL_is1" = Przyspiesz Komputer - Kompletna deinstalacja "Płyta ucznia" = Płyta ucznia "Poradnik Antykryzysowy 2010a1.0" = Poradnik Antykryzysowy 2010 "Protected Search_is1" = Protected Search 1.1 "Registry Mechanic_is1" = Registry Mechanic 9.0 "Samsung CLP-310 Series" = Samsung CLP-310 Series "SP_9d366ef6" = SaveAs 1.66 "SP_d4b953fc" = Search Assistant JustBrowse 1.66 "Startup_Manager_is1" = Startup Manager 2.4.2 "SynTPDeinstKey" = Synaptics Pointing Device Driver "TuxGuitar_0" = TuxGuitar 1.1 "TuxGuitar_1" = TuxGuitar 1.2 "Two Worlds Pinball" = Two Worlds Pinball "Uninstall_is1" = Uninstall 1.0.0.1 "WinLiveSuite" = Podstawowe programy Windows Live "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FoxTab FLV Player" = FoxTab FLV Player "Game Organizer" = GameXN GO "GG" = GG [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-01-22 04:20:09 | Computer Name = hp-PC | Source = WinMgmt | ID = 10 Description = Error - 2013-01-22 05:36:21 | Computer Name = hp-PC | Source = WinMgmt | ID = 10 Description = Error - 2013-01-22 05:39:32 | Computer Name = hp-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-01-22 05:39:32 | Computer Name = hp-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-01-22 05:39:32 | Computer Name = hp-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-01-22 05:39:32 | Computer Name = hp-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-01-22 05:39:32 | Computer Name = hp-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-01-22 05:39:32 | Computer Name = hp-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-01-22 05:39:32 | Computer Name = hp-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-01-22 05:39:32 | Computer Name = hp-PC | Source = Windows Search Service | ID = 3013 Description = Error - 2013-01-22 08:25:07 | Computer Name = hp-PC | Source = WinMgmt | ID = 10 Description = [ DigitalPersona Pro Events ] Error - 2012-02-11 14:59:45 | Computer Name = hp-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. Error - 2012-02-11 14:59:56 | Computer Name = hp-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. Error - 2012-02-11 15:00:05 | Computer Name = hp-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. Error - 2012-02-11 15:00:12 | Computer Name = hp-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. Error - 2012-06-02 03:21:43 | Computer Name = hp-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. Error - 2012-07-20 19:09:27 | Computer Name = hp-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. Error - 2012-07-20 19:09:31 | Computer Name = hp-PC | Source = DigitalPersona Pro | ID = 17827841 Description = One-to-one fingerprint match failed. [ OSession Events ] Error - 2012-06-19 05:07:33 | Computer Name = hp-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 34 seconds with 0 seconds of active time. This session ended with a crash. Error - 2012-06-19 05:18:06 | Computer Name = hp-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 161 seconds with 120 seconds of active time. This session ended with a crash. Error - 2012-06-19 05:20:41 | Computer Name = hp-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 102 seconds with 60 seconds of active time. This session ended with a crash. Error - 2012-07-04 10:45:12 | Computer Name = hp-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3006 seconds with 240 seconds of active time. This session ended with a crash. [ System Events ] Error - 2013-01-22 08:24:21 | Computer Name = hp-PC | Source = SRTSP | ID = 524292 Description = Error loading virus definitions. Error - 2013-01-22 08:24:21 | Computer Name = hp-PC | Source = SRTSP | ID = 524293 Description = Error loading Symantec real time Anti-Virus driver. Error - 2013-01-22 08:25:07 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2013-01-22 08:25:07 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2013-01-22 08:25:07 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7026 Description = Error - 2013-01-22 08:26:30 | Computer Name = hp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2013-01-22 08:46:10 | Computer Name = hp-PC | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie \Device\HarddiskVolume1. Error - 2013-01-22 08:46:10 | Computer Name = hp-PC | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie \Device\HarddiskVolume1. Error - 2013-01-22 08:46:10 | Computer Name = hp-PC | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie \Device\HarddiskVolume1. Error - 2013-01-22 08:50:43 | Computer Name = hp-PC | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie \Device\HarddiskVolume1. < End of report > [/spoiler]
Natsuki Kuga komentarz 23 stycznia 2013 komentarz 23 stycznia 2013 SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) Czy usługa Windows Defendera uruchamia się poprawnie?1. MOD - [2012-09-26 08:04:52 | 000,731,544 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\uialert.dll SRV - [2009-10-14 15:42:38 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) W systemie są dwa antywirusy. Odinstaluj jednego.2. Odinstaluj SaveAs, Java™ 6 Update 5, Babylon toolbar on IE, Conduit Engine, DVDVideoSoftTB Toolbar, Przyspiesz Komputer poprzez aplet Dodaj/usuń[/b] programy.3. Do OTL w sekcję Własne opcje skanowania/Skrypt wklej: [spoiler] :OTL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certif...3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certif...3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certif...3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...e=true&tid=3220 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certif...e=true&tid=3220 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certif...3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...3220&bs=true&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...e=true&tid=3220 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...e=true&tid=3220 IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certif...q={searchTerms} IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.jus...q={searchTerms} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certif...3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certif...3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certif...3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...e=true&tid=3220 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certif...e=true&tid=3220 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certif...3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...3220&bs=true&q= IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...e=true&tid=3220 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...e=true&tid=3220 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000226920baa2 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://websearch.jus...q={searchTerms} IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.certif...q={searchTerms} IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{E673692D-D93A-4A1E-917C-CD4A05605833}: "URL" = http://slirsredirect...hpcnnbie7-pl-pl FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.defaulturl: "http://websearch.jus...se.info/?l=1&q=" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.startup.homepage: "http://search.certif...e=true&tid=3220" FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2 FF - prefs.js..keyword.URL: "http://search.certif...3220&bs=true&q=" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.startup.homepage: "http://search.certif...e=true&tid=3220" FF - prefs.js..keyword.URL: "http://search.certif...3220&bs=true&q=" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaultengine: "Web Search" [2013-01-13 23:40:53 | 000,003,269 | ---- | M] () -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\searchplugins\Web Search.xml [2013-01-13 23:36:27 | 000,000,556 | ---- | M] () -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\searchplugins\WebSearch.xml CHR - homepage: http://websearch.just-browse.info/ O2 - BHO: (DownTango Launcher) - {a2b1552c-6264-4922-9c10-7476f942c3d1} - C:\Users\hp\AppData\Roaming\DDownTango1aToolbar\DDownTango1aToolbar.dll (Simplytech Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (DownTango Launcher) - {a2b1552c-6264-4922-9c10-7476f942c3d1} - C:\Users\hp\AppData\Roaming\DDownTango1aToolbar\DDownTango1aToolbar.dll (Simplytech Ltd.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O4 - HKU\.DEFAULT..\RunOnce: [] File not found O4 - HKU\S-1-5-18..\RunOnce: [] File not found O4 - HKU\S-1-5-19..\RunOnce: [] File not found O4 - HKU\S-1-5-20..\RunOnce: [] File not found O20 - AppInit_DLLs: (c:\progra~1\saveas\sprote~1.dll) - c:\Program Files\SaveAs\sprotector.dll () O20 - AppInit_DLLs: (c:\progra~1\justbr~1\sprote~1.dll) - c:\Program Files\JustBrowse\sprotector.dll () O33 - MountPoints2\{25f93cbc-96ac-11df-8334-00218673ca54}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe O33 - MountPoints2\{c066495f-34ff-11e0-93d9-00218673ca54}\Shell\AutoRun\command - "" = g8k.exe O33 - MountPoints2\{c066495f-34ff-11e0-93d9-00218673ca54}\Shell\open\Command - "" = g8k.exe @Alternate Data Stream - 64 bytes -> C:\Users\hp\Desktop\m-legion-bdrip.avi:TOC.WMV :Files C:\Program Files\Przyspiesz Komputer C:\Program Files\DVDVideoSoftTB C:\Users\hp\AppData\Roaming\DDownTango1aToolbar C:\Program Files\ConduitEngine c:\Program Files\SaveAs c:\Program Files\JustBrowse C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search C:\Program Files\DDownTango1aToolbar C:\Program Files\Protected Search C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs C:\ProgramData\SaveAs C:\Users\hp\AppData\Local\Temp*.html C:\SetSearchAndHomepageInBrowserLog.txt :Reg [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{4C2FF2DA-0535-4C46-8D72-F03E35EDAAEA}"=- "{E76C7D36-9ADD-4003-AE20-ABF5813F7C7D}"=- :Service PCSUService [/spoiler] Kliknij Wykonaj skrypt, pokaż raport.3. Uruchom AdwCleaner z opcji Usuń. Pokaż raport.4. Podepnij wszystkie pamięci przenośne jakie posiadasz i użyj USBFix z opcji Deletion. Pokaż raport.5. Zaktualizuj podane pozycje do najnowszych wersji: Java™ 6 Update 31 Adobe Reader 8.1.0 - Polish Java 6 Update 38: http://download.oracle.com/otn-pub/java/jdk/6u38-b05/jre-6u38-windows-i586.exe Adobe Reader 11: http://www.adobe.com/support/downloads/detail.jsp?ftpID=5507 6. Error - 2013-01-22 08:46:10 | Computer Name = hp-PC | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie \Device\HarddiskVolume1. Pokaż screen z programu CrystalDiskInfo. 7. Pokaż nowe logi.
pokus632 komentarz 24 stycznia 2013 Autor komentarz 24 stycznia 2013 (edytowane) Windows Defender: http://imageshack.us/photo/my-images/560/beztytuumqh.jpg/ 1. Odinstalowałem obydwa i zainstalowałem AVG 2. Odinstalowane 3.Raport: [spoiler]========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Bar| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Page| /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. File C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Default_Page_URL| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Bar| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Page| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Default_Page_URL| /E : value set successfully! HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Start Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. File C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll not found. Registry key HKEY_USERS\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_USERS\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found. Registry key HKEY_USERS\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E673692D-D93A-4A1E-917C-CD4A05605833}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E673692D-D93A-4A1E-917C-CD4A05605833}\ not found. Prefs.js: "Web Search" removed from browser.search.defaultenginename Prefs.js: "Web Search" removed from browser.search.defaultenginename Prefs.js: "http://websearch.jus...se.info/?l=1&q=" removed from browser.search.defaulturl Prefs.js: "Web Search" removed from browser.search.order.1 Prefs.js: "Web Search" removed from browser.search.order.1 Prefs.js: "Web Search" removed from browser.search.selectedEngine Prefs.js: "Web Search" removed from browser.search.selectedEngine Prefs.js: "http://search.certif...e=true&tid=3220" removed from browser.startup.homepage Prefs.js: vshare@toolbar:1.0.2 removed from extensions.enabledItems Prefs.js: "http://search.certif...3220&bs=true&q=" removed from keyword.URL Prefs.js: "Web Search" removed from browser.search.defaultenginename Prefs.js: "Web Search" removed from browser.search.selectedEngine Prefs.js: "http://search.certif...e=true&tid=3220" removed from browser.startup.homepage Prefs.js: "http://search.certif...3220&bs=true&q=" removed from keyword.URL Prefs.js: "" removed from browser.search.defaultthis.engineName Prefs.js: "Web Search" removed from browser.search.defaultengine C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\searchplugins\Web Search.xml moved successfully. C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\searchplugins\WebSearch.xml moved successfully. Use Chrome's Settings page to change the HomePage. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a2b1552c-6264-4922-9c10-7476f942c3d1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2b1552c-6264-4922-9c10-7476f942c3d1}\ deleted successfully. C:\Users\hp\AppData\Roaming\DDownTango1aToolbar\DDownTango1aToolbar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. File C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found. File C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{a2b1552c-6264-4922-9c10-7476f942c3d1} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2b1552c-6264-4922-9c10-7476f942c3d1}\ not found. File C:\Users\hp\AppData\Roaming\DDownTango1aToolbar\DDownTango1aToolbar.dll not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found. File C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found. File C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll not found. Registry value HKEY_USERS\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found. File C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ not found. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\saveas\sprote~1.dll deleted successfully. File c:\Program Files\SaveAs\sprotector.dll not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\justbr~1\sprote~1.dll deleted successfully. c:\Program Files\JustBrowse\sprotector.dll moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25f93cbc-96ac-11df-8334-00218673ca54}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25f93cbc-96ac-11df-8334-00218673ca54}\ not found. File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c066495f-34ff-11e0-93d9-00218673ca54}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c066495f-34ff-11e0-93d9-00218673ca54}\ not found. File g8k.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c066495f-34ff-11e0-93d9-00218673ca54}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c066495f-34ff-11e0-93d9-00218673ca54}\ not found. File g8k.exe not found. ADS C:\Users\hp\Desktop\m-legion-bdrip.avi:TOC.WMV deleted successfully. ========== FILES ========== File\Folder C:\Program Files\Przyspiesz Komputer not found. File\Folder C:\Program Files\DVDVideoSoftTB not found. C:\Users\hp\AppData\Roaming\DDownTango1aToolbar folder moved successfully. File\Folder C:\Program Files\ConduitEngine not found. File\Folder c:\Program Files\SaveAs not found. c:\Program Files\JustBrowse folder moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search folder moved successfully. C:\Program Files\DDownTango1aToolbar\support@DDownTango1aToolbar.com\components folder moved successfully. C:\Program Files\DDownTango1aToolbar\support@DDownTango1aToolbar.com folder moved successfully. C:\Program Files\DDownTango1aToolbar folder moved successfully. Folder move failed. C:\Program Files\Protected Search scheduled to be moved on reboot. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs folder moved successfully. C:\ProgramData\SaveAs\data folder moved successfully. C:\ProgramData\SaveAs folder moved successfully. C:\Users\hp\AppData\Local\TempLM2448.html moved successfully. C:\Users\hp\AppData\Local\TempML4996.html moved successfully. C:\Users\hp\AppData\Local\TempXB2448.html moved successfully. C:\SetSearchAndHomepageInBrowserLog.txt moved successfully. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C2FF2DA-0535-4C46-8D72-F03E35EDAAEA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C2FF2DA-0535-4C46-8D72-F03E35EDAAEA}\ not found. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E76C7D36-9ADD-4003-AE20-ABF5813F7C7D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E76C7D36-9ADD-4003-AE20-ABF5813F7C7D}\ not found. Error: Unable to interpret <:Service> in the current context! Error: Unable to interpret <PCSUService> in the current context! OTL by OldTimer - Version 3.2.69.0 log created on 01242013_000929 Files\Folders moved on Reboot... C:\Program Files\Protected Search folder moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... [/spoiler] 3. AdwCleaner: [spoiler] # AdwCleaner v2.107 - Log utworzony 24/01/2013 o 00:24:28 # Aktualizacja 21/01/2013 przez Xplode # System operacyjny : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Użytkownik : hp - HP-PC # Tryb uruchomienia : Normalny # Ścieżka : C:\Users\hp\Desktop\Nowy folder\Nowy folder\Nowy folder\adwcleaner.exe # Opcja [Usuń] ***** [Usługi] ***** ***** [Pliki / Foldery] ***** Folder Usunięto : C:\ProgramData\Babylon Folder Usunięto : C:\ProgramData\InstallMate Folder Usunięto : C:\Users\hp\AppData\Local\Babylon Folder Usunięto : C:\Users\hp\AppData\Local\Conduit Folder Usunięto : C:\Users\hp\AppData\Local\Temp\BabylonToolbar Folder Usunięto : C:\Users\hp\AppData\LocalLow\Conduit Folder Usunięto : C:\Users\hp\AppData\LocalLow\PriceGong Folder Usunięto : C:\Users\hp\AppData\LocalLow\SaveAs Folder Usunięto : C:\Users\hp\AppData\Roaming\Babylon Folder Usunięto : C:\Users\hp\AppData\Roaming\cacaoweb Folder Usunięto : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\extensions\cacaoweb@cacaoweb.org Plik Usunięto : C:\END Plik Usunięto : C:\user.js Plik Usunięto : C:\Users\hp\Documents\cacaoweb.exe Plik Usunięto : C:\Windows\system32\conduitEngine.tmp ***** [Rejestr] ***** Klucz Usunięto : HKCU\Software\AppDataLow\Software\PriceGong Klucz Usunięto : HKCU\Software\AppDataLow\Software\Toolbar Klucz Usunięto : HKCU\Software\AppDataLow\SProtector Klucz Usunięto : HKCU\Software\cacaoweb Klucz Usunięto : HKCU\Software\InstallCore Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{16726771-C380-4280-BAF9-1223B3838786} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Klucz Usunięto : HKCU\Software\Optimizer Pro Klucz Usunięto : HKCU\Software\ProtectedSearch Klucz Usunięto : HKLM\Software\Babylon Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\escort.DLL Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Klucz Usunięto : HKLM\SOFTWARE\Classes\Conduit.Engine Klucz Usunięto : HKLM\SOFTWARE\Classes\Prod.cap Klucz Usunięto : HKLM\SOFTWARE\Classes\S Klucz Usunięto : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Klucz Usunięto : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786} Klucz Usunięto : HKLM\Software\OpenCandy Klucz Usunięto : HKLM\Software\SP Global Klucz Usunięto : HKLM\Software\SProtector ***** [Przeglądarki Internetowe] ***** -\\ Internet Explorer v9.0.8112.16457 Podmieniono : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://newtab.certified-toolbar.com/nie?si=41460&tid=3220&new=true --> hxxp://www.google.com -\\ Mozilla Firefox v18.0 (pl) Plik : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\prefs.js C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\user.js ... Usunięto ! Usunięto : user_pref("aol_toolbar.default.homepage.check", false); Usunięto : user_pref("aol_toolbar.default.search.check", false); Usunięto : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Usunięto : user_pref("browser.search.defaulturl", "hxxp://websearch.just-browse.info/?l=1&q="); Usunięto : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=32[...] Usunięto : user_pref("extensions.50f33bceb0f9a.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...] Usunięto : user_pref("extensions.BabylonToolbar.prtkDS", 0); Usunięto : user_pref("extensions.BabylonToolbar.prtkHmpg", 0); Usunięto : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Usunięto : user_pref("extensions.BabylonToolbar_i.babExt", ""); Usunięto : user_pref("extensions.BabylonToolbar_i.babTrack", "tt=090212_noffx"); Usunięto : user_pref("extensions.BabylonToolbar_i.hardId", "2be0296600000000000000226920baa2"); Usunięto : user_pref("extensions.BabylonToolbar_i.id", "2be0296600000000000000226920baa2"); Usunięto : user_pref("extensions.BabylonToolbar_i.instlDay", "15384"); Usunięto : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Usunięto : user_pref("extensions.BabylonToolbar_i.newTab", true); Usunięto : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=110000&tt=090212_n[...] Usunięto : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Usunięto : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Usunięto : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Usunięto : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Usunięto : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); Usunięto : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Usunięto : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.178:43:17"); Usunięto : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Usunięto : user_pref("extensions.vshare@toolbar.update.enabled", false); Usunięto : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q="); Usunięto : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=32[...] Usunięto : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=3220&bs=true&q="); Usunięto : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Usunięto : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); Usunięto : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); Usunięto : user_pref("sweetim.toolbar.searchguard.enable", ""); -\\ Google Chrome v24.0.1312.52 Plik : C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Plik w porządku. ************************* AdwCleaner[S1].txt - [7371 octets] - [24/01/2013 00:24:28] ########## EOF - C:\AdwCleaner[S1].txt - [7431 octets] ########## [/spoiler] 4.nie posiadam pamięci przenośnych 5. Zaktualizowane 6. CrystalDisklnfo nie ciachał się uruchomić screen:http://imageshack.us/photo/my-images/189/bezbhtytuu.jpg/ 7. OTL: [spoiler] OTL logfile created on: 2013-01-24 01:16:59 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hp\Desktop\Nowy folder Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,84% Memory free 6,22 Gb Paging File | 5,02 Gb Available in Paging File | 80,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 289,95 Gb Total Space | 101,73 Gb Free Space | 35,09% Space Free | Partition Type: NTFS Drive D: | 8,14 Gb Total Space | 1,54 Gb Free Space | 18,97% Space Free | Partition Type: NTFS Drive F: | 931,48 Gb Total Space | 804,26 Gb Free Space | 86,34% Space Free | Partition Type: NTFS Computer Name: HP-PC | User Name: hp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days ========== Processes (All) ========== PRC - [2013-01-22 10:23:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\Nowy folder\OTL.exe PRC - [2012-12-11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe PRC - [2012-11-23 12:37:00 | 020,857,328 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ipla.exe PRC - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe PRC - [2012-10-30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe PRC - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe PRC - [2012-10-22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe PRC - [2012-10-22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe PRC - [2012-10-22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-02-10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE PRC - [2012-02-02 15:14:56 | 000,096,128 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\olycamdetect.exe PRC - [2011-11-16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-09-21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010-09-21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2009-12-01 12:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe PRC - [2009-08-11 17:53:08 | 000,241,664 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe PRC - [2009-08-11 17:52:46 | 000,132,608 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe PRC - [2009-04-11 07:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-04-11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009-01-12 15:50:42 | 000,292,216 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe PRC - [2009-01-12 15:50:42 | 000,116,080 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe PRC - [2009-01-12 15:50:08 | 000,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe PRC - [2008-08-08 06:03:41 | 000,524,288 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe PRC - [2008-06-27 19:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe PRC - [2008-04-15 12:40:10 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe PRC - [2008-04-11 08:04:54 | 000,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe PRC - [2008-03-28 10:17:20 | 000,667,648 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe PRC - [2008-03-26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe PRC - [2008-03-26 14:26:56 | 000,341,328 | ---- | M] () -- C:\Windows\SMINST\BLService.exe PRC - [2008-03-18 15:24:58 | 000,019,456 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe PRC - [2008-02-26 13:13:22 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-02-12 06:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe PRC - [2008-01-25 17:05:30 | 000,148,832 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2008-01-21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe PRC - [2008-01-21 03:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe PRC - [2008-01-21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:23:32 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe PRC - [2008-01-21 03:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe PRC - [2007-11-20 06:44:58 | 000,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe PRC - [2007-09-26 05:34:40 | 000,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe PRC - [2007-05-31 08:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe PRC - [2007-01-09 10:25:00 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe ========== Modules (All) ========== MOD - [2013-01-22 10:23:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\Nowy folder\OTL.exe MOD - [2013-01-09 00:51:44 | 014,461,448 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\Flash32_11_5_502_146.ocx MOD - [2012-12-11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe MOD - [2012-12-11 03:52:20 | 002,608,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgkrnlapix.dll MOD - [2012-12-06 04:07:10 | 000,793,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgsysx.dll MOD - [2012-11-23 12:37:06 | 004,035,472 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ZGUI.dll MOD - [2012-11-23 12:37:04 | 000,392,592 | ---- | M] () -- C:\Program Files\ipla\jabberoo.dll MOD - [2012-11-23 12:37:04 | 000,068,496 | ---- | M] () -- C:\Program Files\ipla\ziplib.dll MOD - [2012-11-23 12:37:02 | 000,243,600 | ---- | M] (The cURL library, http://curl.haxx.se/) -- C:\Program Files\ipla\curllib.dll MOD - [2012-11-23 12:37:00 | 020,857,328 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ipla.exe MOD - [2012-11-23 12:37:00 | 001,001,872 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\CommonLib.dll MOD - [2012-11-23 12:25:52 | 000,294,400 | ---- | M] () -- C:\Program Files\ipla\MediaFileScanner.dll MOD - [2012-11-23 12:23:42 | 002,268,160 | ---- | M] (http://mediainfo.sourceforge.net) -- C:\Program Files\ipla\MediaInfoStatic.dll MOD - [2012-11-22 04:54:36 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2012-11-20 05:22:50 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll MOD - [2012-11-15 23:34:32 | 001,001,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcfgx.dll MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2012-11-14 03:09:22 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2012-11-14 02:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2012-10-22 13:04:38 | 002,024,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avguires.dll MOD - [2012-10-22 13:04:36 | 000,025,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgapps.dll MOD - [2012-10-22 13:04:16 | 000,230,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgse.dll MOD - [2012-10-22 13:04:12 | 000,862,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgntopensslx.dll MOD - [2012-10-22 13:04:10 | 000,311,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avglogx.dll MOD - [2012-10-22 13:04:10 | 000,177,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avglngx.dll MOD - [2012-10-22 13:04:08 | 000,481,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcommx.dll MOD - [2012-10-22 13:04:08 | 000,403,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgdecider.dll MOD - [2012-10-22 13:04:04 | 000,348,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidpmx.dll MOD - [2012-10-22 13:03:44 | 000,279,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgclitx.dll MOD - [2012-10-13 11:38:14 | 000,856,064 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll MOD - [2012-09-28 17:11:03 | 000,892,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2012-09-25 17:19:41 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll MOD - [2012-08-24 16:53:29 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2012-06-29 17:01:42 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2012-06-05 17:47:27 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll MOD - [2012-06-02 01:04:25 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2012-06-02 01:02:32 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2012-06-02 01:02:32 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll MOD - [2012-04-04 15:46:34 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2012-04-04 15:46:28 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012-04-04 15:46:28 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012-03-01 15:46:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2012-03-01 15:46:01 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2012-02-29 16:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2012-02-29 15:08:47 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll MOD - [2012-02-29 14:44:50 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll MOD - [2012-02-29 14:41:40 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll MOD - [2012-02-03 16:11:07 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll MOD - [2012-02-02 15:16:30 | 000,145,280 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\subsys\OlyLib\OlyBar.dll MOD - [2012-02-02 15:16:30 | 000,116,608 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\subsys\OlyLib\OlyGin.dll MOD - [2012-02-02 15:14:56 | 000,096,128 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\olycamdetect.exe MOD - [2011-12-14 17:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2011-11-18 21:23:34 | 001,205,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2011-11-16 17:23:08 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2011-10-14 17:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2011-08-25 17:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-08-25 17:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011-06-22 17:23:52 | 001,217,024 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\ipla\libeay32.dll MOD - [2011-06-22 17:23:52 | 000,237,056 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\ipla\ssleay32.dll MOD - [2011-06-17 00:08:56 | 001,101,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll MOD - [2011-06-17 00:08:56 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll MOD - [2011-06-17 00:08:50 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-17 00:08:50 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-06-17 00:08:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll MOD - [2011-06-15 17:12:11 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2011-04-28 15:14:56 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2011-03-10 18:03:51 | 001,136,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll MOD - [2011-03-02 16:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011-02-19 23:03:12 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc100u.dll MOD - [2011-02-19 23:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll MOD - [2011-02-19 23:03:12 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc100enu.dll MOD - [2011-02-19 00:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll MOD - [2011-01-20 17:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2011-01-20 17:08:06 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll MOD - [2011-01-20 17:08:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll MOD - [2011-01-20 17:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2011-01-20 17:07:16 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2011-01-20 17:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-12-28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll MOD - [2010-11-04 19:55:38 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-08-31 16:43:52 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-06-18 18:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010-05-04 20:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-03-15 10:28:22 | 000,142,336 | ---- | M] (Alexander Roshal) -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009-10-23 18:10:19 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2009-10-01 02:02:04 | 000,334,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2009-10-01 02:02:02 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2009-10-01 02:01:59 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-09-25 03:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2009-09-10 17:48:01 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll MOD - [2009-09-04 12:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2009-08-11 17:52:46 | 000,132,608 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-11 20:01:41 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-06-15 15:51:38 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 07:28:26 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll MOD - [2009-04-11 07:28:26 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll MOD - [2009-04-11 07:28:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 07:28:25 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-04-11 07:28:25 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 07:28:25 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpband.dll MOD - [2009-04-11 07:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll MOD - [2009-04-11 07:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 07:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-04-11 07:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 07:28:24 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll MOD - [2009-04-11 07:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-04-11 07:28:24 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2009-04-11 07:28:24 | 000,203,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 07:28:23 | 003,174,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2009-04-11 07:28:23 | 001,823,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2009-04-11 07:28:23 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\onex.dll MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 07:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-04-11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 07:28:23 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 07:28:22 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll MOD - [2009-04-11 07:28:22 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll MOD - [2009-04-11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2009-04-11 07:28:22 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2009-04-11 07:28:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-04-11 07:28:21 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2009-04-11 07:28:21 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll MOD - [2009-04-11 07:28:20 | 002,012,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 07:28:20 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2009-04-11 07:28:20 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2009-04-11 07:28:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 07:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 07:28:20 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-04-11 07:28:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-04-11 07:28:19 | 002,134,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll MOD - [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll MOD - [2009-04-11 07:28:19 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2009-04-11 07:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll MOD - [2009-04-11 07:28:19 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 07:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-04-11 07:28:19 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll MOD - [2009-04-11 07:28:19 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll MOD - [2009-04-11 07:28:19 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll MOD - [2009-04-11 07:28:19 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-04-11 07:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-04-11 07:28:19 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll MOD - [2009-04-11 07:28:19 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll MOD - [2009-04-11 07:28:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2009-04-11 07:28:18 | 001,985,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2009-04-11 07:28:18 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll MOD - [2009-04-11 07:28:18 | 001,324,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll MOD - [2009-04-11 07:28:18 | 001,209,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll MOD - [2009-04-11 07:28:18 | 000,971,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 07:28:18 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll MOD - [2009-04-11 07:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-04-11 07:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-04-11 07:28:18 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 07:28:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll MOD - [2009-04-11 07:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe MOD - [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe MOD - [2009-04-11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-04-11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe MOD - [2009-04-11 07:27:12 | 001,122,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appwiz.cpl MOD - [2009-04-11 07:27:12 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2009-04-11 07:27:12 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2009-04-11 07:27:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-02-26 16:45:38 | 000,043,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL MOD - [2009-01-12 15:50:42 | 000,271,760 | ---- | M] (Cyberlink) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapX.dll MOD - [2009-01-12 15:50:38 | 000,062,832 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuMixer.dll MOD - [2009-01-12 15:50:36 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\HP\QuickPlay\MFC71.dll MOD - [2009-01-12 15:50:36 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\HP\QuickPlay\msvcp71.dll MOD - [2009-01-12 15:50:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\HP\QuickPlay\msvcr71.dll MOD - [2009-01-12 15:50:08 | 000,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe MOD - [2009-01-12 15:50:06 | 000,066,856 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Helper.dll MOD - [2009-01-12 15:49:44 | 000,075,048 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Kernel\common\CLRCEngine3.dll MOD - [2009-01-12 15:49:44 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll MOD - [2008-08-08 06:03:41 | 000,524,288 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe MOD - [2008-04-11 08:04:54 | 000,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe MOD - [2008-03-28 10:19:10 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008-03-28 10:18:58 | 000,315,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll MOD - [2008-03-28 10:05:14 | 003,074,560 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll MOD - [2008-03-28 09:51:30 | 004,088,320 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll MOD - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe MOD - [2008-01-21 03:25:33 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnssci.dll MOD - [2008-01-21 03:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:25:26 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2008-01-21 03:25:18 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll MOD - [2008-01-21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe MOD - [2008-01-21 03:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe MOD - [2008-01-21 03:25:01 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2008-01-21 03:25:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2008-01-21 03:24:57 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll MOD - [2008-01-21 03:24:56 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2008-01-21 03:24:56 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2008-01-21 03:24:54 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll MOD - [2008-01-21 03:24:54 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2008-01-21 03:24:54 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll MOD - [2008-01-21 03:24:54 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll MOD - [2008-01-21 03:24:54 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2008-01-21 03:24:53 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2008-01-21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:24:48 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2008-01-21 03:24:47 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll MOD - [2008-01-21 03:24:47 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2008-01-21 03:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:24:46 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll MOD - [2008-01-21 03:24:46 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2008-01-21 03:24:45 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll MOD - [2008-01-21 03:24:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2008-01-21 03:24:41 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll MOD - [2008-01-21 03:24:41 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll MOD - [2008-01-21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:24:37 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2008-01-21 03:24:29 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2008-01-21 03:24:29 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2008-01-21 03:24:28 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll MOD - [2008-01-21 03:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:24:25 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2008-01-21 03:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:24:24 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll MOD - [2008-01-21 03:24:15 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll MOD - [2008-01-21 03:24:13 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2008-01-21 03:24:12 | 000,816,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll MOD - [2008-01-21 03:24:11 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2008-01-21 03:24:06 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2008-01-21 03:24:04 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2008-01-21 03:24:04 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2008-01-21 03:23:58 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll MOD - [2008-01-21 03:23:53 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll MOD - [2008-01-21 03:23:50 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll MOD - [2008-01-21 03:23:45 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2008-01-21 03:23:44 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2008-01-21 03:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2008-01-21 03:23:39 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll MOD - [2008-01-21 03:23:39 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\syncui.dll MOD - [2008-01-21 03:23:32 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe MOD - [2008-01-16 16:56:02 | 000,647,168 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtwNamespaceExt.dll MOD - [2008-01-16 16:55:16 | 000,368,640 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtwNeLib.dll MOD - [2008-01-16 16:31:26 | 000,180,224 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\btwpimif.dll MOD - [2008-01-16 16:29:58 | 000,233,472 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\btosif.dll MOD - [2008-01-16 16:19:58 | 000,184,320 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BTNCopy.dll MOD - [2008-01-16 16:15:32 | 000,602,112 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\btwapi.dll MOD - [2008-01-16 16:10:52 | 005,271,552 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\btrez.dll MOD - [2007-11-20 06:44:58 | 000,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe MOD - [2007-09-26 05:34:40 | 000,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe MOD - [2007-05-31 08:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe MOD - [2007-05-31 08:21:18 | 000,223,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rapistub.dll MOD - [2007-05-31 08:21:04 | 000,105,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rapi.dll MOD - [2007-05-31 08:21:00 | 000,075,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ceutil.dll MOD - [2007-05-31 08:20:56 | 000,058,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdsyncman.dll MOD - [2007-05-31 08:20:28 | 000,024,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wcescommproxy.dll MOD - [2007-05-31 08:20:24 | 000,024,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rapiproxystub.dll MOD - [2006-11-02 13:35:33 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehProxy.dll MOD - [2006-11-02 13:35:21 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\wlsrvc.dll MOD - [2006-11-02 13:34:50 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2006-11-02 13:34:48 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2006-11-02 13:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2006-11-02 10:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2006-11-02 10:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll MOD - [2006-11-02 10:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll MOD - [2006-11-02 10:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2006-11-02 10:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll MOD - [2006-11-02 10:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll MOD - [2006-11-02 10:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2006-11-02 10:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2006-11-02 10:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2006-11-02 10:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2006-11-02 10:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2006-11-02 10:46:05 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2006-11-02 10:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2006-11-02 10:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll MOD - [2006-11-02 10:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll MOD - [2006-11-02 10:46:02 | 000,737,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2006-11-02 10:42:17 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbcint.dll MOD - [2006-11-02 09:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2005-07-22 08:21:46 | 000,032,768 | ---- | M] () -- C:\Program Files\MP3 Player Utilities 4.10\AMVConverter\AmvTransform.dll MOD - [2003-12-26 10:26:20 | 000,137,728 | ---- | M] () -- C:\Program Files\Kongsoft\Easy CD Ripper\MenuHandler.dll MOD - [2003-02-21 11:42:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2013-01-12 21:38:39 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-01-09 01:06:57 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-02-10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate) SRV - [2012-02-10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc) SRV - [2009-12-01 12:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009-08-11 17:53:08 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe -- (UI Assistant Service) SRV - [2008-06-27 19:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe -- (STacSV) SRV - [2008-03-26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService) SRV - [2008-03-26 14:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008-02-12 06:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe -- (AESTFilters) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-05-31 08:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 08:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\hp\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO) DRV - [2012-11-15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2012-10-22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012-10-18 18:24:06 | 000,097,440 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SMR311.SYS -- (SMR311) DRV - [2012-10-15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012-10-02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012-09-21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012-09-21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx) DRV - [2012-09-21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2012-09-14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2009-12-01 09:35:54 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-06-16 12:00:16 | 000,013,312 | ---- | M] (Insyde Software) [Kernel | On_Demand | Stopped] -- C:\SWSetup\SP46501\iscflash.sys -- (iscFlash) DRV - [2009-04-22 15:35:04 | 000,009,728 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2009-04-11 05:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) DRV - [2009-02-02 17:14:20 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009-02-02 17:14:20 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009-02-02 17:14:20 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009-01-12 15:50:04 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/06/09 13:04:42] [Kernel | Auto | Running] -- C:\Program Files\HP\QuickPlay\000.fcl -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) DRV - [2008-06-27 19:44:18 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008-05-02 09:58:28 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2008-05-02 09:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2008-05-02 09:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2008-05-02 09:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-04-27 10:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008-04-14 23:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s) DRV - [2008-04-14 20:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-04-01 12:14:00 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008-03-28 12:24:16 | 003,544,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008-03-27 11:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV - [2008-03-27 11:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008-03-26 17:28:08 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x) DRV - [2008-01-23 22:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008-01-07 21:42:04 | 000,015,416 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Amddfltr.sys -- (Amddfltr) DRV - [2007-08-13 03:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT) DRV - [2007-07-11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007-06-18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2006-11-02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006-10-29 21:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{E673692D-D93A-4A1E-917C-CD4A05605833}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes\{9B3712E9-B972-413D-A123-3801D4192562}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes\{9B3712E9-B972-413D-A123-3801D4192562}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..extensions.enabledAddons: cacaoweb%40cacaoweb.org:1.0.30 FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.7 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0 FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.3790 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.17 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013 FF - prefs.js..network.proxy.type: 0 FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.useDBForOrder: false FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010-06-24 13:06:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-22 10:33:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-01-24 00:48:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\firefoxext [2010-06-24 13:06:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-22 10:33:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-01-24 00:48:43 | 000,000,000 | ---D | M] [2010-10-12 17:11:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Extensions [2013-01-24 00:24:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\oeq2cna0.default\extensions [2010-10-16 21:58:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\oeq2cna0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-01-22 10:33:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\oeq2cna0.default\extensions\{b8c34bad-92d0-480c-85cc-1a74f02bc0da} [2013-01-22 10:33:22 | 000,000,000 | ---D | M] (SaveAs) -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\oeq2cna0.default\extensions\50f33bceb0eed@50f33bceb0f27.com [2012-12-20 00:06:35 | 002,151,598 | ---- | M] () (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\extensions\firebug@software.joehewitt.com.xpi [2012-08-25 21:53:38 | 000,341,143 | ---- | M] () (No name found) -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\oeq2cna0.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2013-01-24 00:48:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-01-22 10:33:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-24 00:48:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} File not found (No name found) -- C:\USERS\HP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OEQ2CNA0.DEFAULT\EXTENSIONS\CACAOWEB@CACAOWEB.ORG [2013-01-12 21:38:39 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll ========== Chrome ========== CHR - homepage: http://websearch.just-browse.info/ CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidphlojnhblpolbjemjnpadploaalhl\1\ O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (SaveAs) - {562611BF-554D-C7EF-43BA-85EE2DD1CD7E} - C:\ProgramData\SaveAs\50f33bceb1080.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [MDS_Menu] C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Olympus ib] C:\Program Files\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [UIExec] C:\Program Files\Netia\Mobilny Internet\UIExec.exe () O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-168299090-1096314759-280584690-1000..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-168299090-1096314759-280584690-1000..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro) O4 - HKLM..\RunOnce: [] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38) O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19E04987-082A-4DDC-A462-1F40C8DA516E}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFCF1368-503C-4ECF-9FBA-C39CD157AF40}: NameServer = 87.204.204.204,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCC5C337-101A-44DC-9D74-F2D51D9DCD91}: NameServer = 87.204.204.204,8.8.8.8 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{5505614f-ac81-11e1-b9e9-00218673ca54}\Shell - "" = AutoRun O33 - MountPoints2\{5505614f-ac81-11e1-b9e9-00218673ca54}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a2c95c31-73b5-11df-85ea-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{a2c95c31-73b5-11df-85ea-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ========== Files/Folders - Created Within 60 Days ========== [2013-01-24 01:10:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo [2013-01-24 01:10:36 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo [2013-01-24 00:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013-01-24 00:42:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2013-01-24 00:41:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013-01-24 00:32:38 | 000,000,000 | ---D | C] -- C:\UsbFix [2013-01-24 00:09:29 | 000,000,000 | ---D | C] -- C:\_OTL [2013-01-22 18:39:08 | 000,000,000 | ---D | C] -- C:\Boot [2013-01-22 17:14:46 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\MigWiz [2013-01-22 16:05:08 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\AVG2013 [2013-01-22 16:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013-01-22 16:03:45 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\TuneUp Software [2013-01-22 15:59:23 | 000,000,000 | -H-D | C] -- C:\$AVG [2013-01-22 15:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2013-01-22 15:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2013-01-22 15:39:49 | 000,000,000 | -HSD | C] -- C:\found.000 [2013-01-22 15:29:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013-01-22 15:29:33 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\MFAData [2013-01-22 15:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013-01-22 15:29:33 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\Avg2013 [2013-01-22 14:30:10 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Instalki [2013-01-22 14:28:13 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Zdjęcia [2013-01-22 14:25:58 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\World [2013-01-22 14:24:32 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Programy [2013-01-22 14:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2013-01-22 14:07:16 | 000,000,000 | ---D | C] -- C:\rsit [2013-01-22 13:50:22 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Optimizer Pro [2013-01-22 13:27:54 | 000,000,000 | R--D | C] -- C:\Users\hp\Desktop\Nowy folder [2013-01-19 14:26:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013-01-19 14:26:08 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013-01-13 23:42:09 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DownTango [2013-01-13 23:40:44 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\DownTango [2013-01-13 23:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Red Sky [2013-01-13 23:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Cloud Software LTD [2013-01-13 23:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro [2013-01-13 23:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro [2013-01-12 21:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox(9) [2013-01-12 21:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-01-04 15:42:05 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\Zatrudnienie [2012-12-12 10:07:23 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\kazania [2012-12-07 09:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-12-07 09:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-06-09 18:03:27 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe [2010-06-09 18:03:06 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe [2010-06-09 18:02:44 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe [2010-06-09 18:02:23 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe [2010-06-09 18:01:56 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe ========== Files - Modified Within 60 Days ========== [2013-01-24 01:16:52 | 004,980,736 | -HS- | M] () -- C:\Users\hp\ntuser.dat [2013-01-24 01:10:37 | 000,001,804 | ---- | M] () -- C:\Users\hp\Desktop\CrystalDiskInfo Shizuku Edition.lnk [2013-01-24 01:10:37 | 000,001,765 | ---- | M] () -- C:\Users\hp\Desktop\CrystalDiskInfo.lnk [2013-01-24 01:05:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-01-24 00:56:12 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-01-24 00:44:12 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013-01-24 00:30:04 | 000,000,269 | ---- | M] () -- C:\ProgramData\hpqp.ini [2013-01-24 00:29:34 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-01-24 00:29:00 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013-01-24 00:28:59 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013-01-24 00:28:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2013-01-24 00:28:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-01-24 00:28:44 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys [2013-01-24 00:26:05 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013-01-24 00:26:01 | 003,736,677 | -H-- | M] () -- C:\Users\hp\AppData\Local\IconCache.db [2013-01-24 00:26:01 | 000,524,288 | -HS- | M] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TMContainer00000000000000000002.regtrans-ms [2013-01-24 00:26:01 | 000,065,536 | -HS- | M] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TM.blf [2013-01-23 23:58:38 | 001,495,500 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2013-01-23 23:58:38 | 000,672,390 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2013-01-23 23:58:38 | 000,596,062 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013-01-23 23:58:38 | 000,130,766 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2013-01-23 23:58:38 | 000,104,136 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013-01-23 23:31:25 | 000,001,356 | ---- | M] () -- C:\Users\hp\AppData\Local\d3d9caps.dat [2013-01-22 18:19:07 | 000,001,887 | ---- | M] () -- C:\Windows\diagwrn.xml [2013-01-22 18:19:07 | 000,001,887 | ---- | M] () -- C:\Windows\diagerr.xml [2013-01-22 18:18:51 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2013-01-22 16:03:47 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2013-01-22 13:29:11 | 000,050,176 | ---- | M] () -- C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-12 18:04:33 | 000,001,971 | ---- | M] () -- C:\Users\hp\Desktop\Google Chrome.lnk [2013-01-09 18:25:47 | 000,304,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013-01-08 18:58:04 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForhp.job [2013-01-05 20:10:52 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\AppleSoftwareUpdate.job [2012-12-03 02:54:32 | 000,011,264 | ---- | M] () -- C:\Windows\Launcher.exe ========== Files Created - No Company Name ========== [2013-01-24 01:10:37 | 000,001,804 | ---- | C] () -- C:\Users\hp\Desktop\CrystalDiskInfo Shizuku Edition.lnk [2013-01-24 01:10:37 | 000,001,765 | ---- | C] () -- C:\Users\hp\Desktop\CrystalDiskInfo.lnk [2013-01-24 00:44:12 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013-01-24 00:44:11 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013-01-22 18:47:06 | 3218,956,288 | -HS- | C] () -- C:\hiberfil.sys [2013-01-22 18:18:50 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK [2013-01-22 17:13:55 | 000,001,887 | ---- | C] () -- C:\Windows\diagwrn.xml [2013-01-22 17:13:55 | 000,001,887 | ---- | C] () -- C:\Windows\diagerr.xml [2013-01-22 16:03:47 | 000,000,872 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2013-01-19 14:35:48 | 003,736,677 | -H-- | C] () -- C:\Users\hp\AppData\Local\IconCache.db [2013-01-13 23:40:57 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe [2012-12-24 23:19:05 | 003,733,661 | ---- | C] () -- C:\Users\hp\Documents\PA210015.JPG [2012-12-24 23:19:05 | 003,655,562 | ---- | C] () -- C:\Users\hp\Documents\PA210010.JPG [2012-12-24 23:19:05 | 003,654,756 | ---- | C] () -- C:\Users\hp\Documents\PA210004.JPG [2012-12-24 23:19:05 | 003,650,385 | ---- | C] () -- C:\Users\hp\Documents\PA210012.JPG [2012-12-24 23:19:05 | 003,650,112 | ---- | C] () -- C:\Users\hp\Documents\PA210005.JPG [2012-12-24 23:19:05 | 003,640,501 | ---- | C] () -- C:\Users\hp\Documents\PA210007.JPG [2012-12-24 23:19:05 | 003,623,897 | ---- | C] () -- C:\Users\hp\Documents\PA210014.JPG [2012-12-24 23:19:05 | 003,613,002 | ---- | C] () -- C:\Users\hp\Documents\PA210011.JPG [2012-12-24 23:19:05 | 003,578,865 | ---- | C] () -- C:\Users\hp\Documents\PA210016.JPG [2012-12-24 23:19:05 | 003,567,985 | ---- | C] () -- C:\Users\hp\Documents\PA210001.JPG [2012-12-24 23:19:05 | 003,524,524 | ---- | C] () -- C:\Users\hp\Documents\PA210009.JPG [2012-12-24 23:19:05 | 003,523,954 | ---- | C] () -- C:\Users\hp\Documents\PA210002.JPG [2012-12-24 23:19:05 | 003,506,741 | ---- | C] () -- C:\Users\hp\Documents\PA210008.JPG [2012-12-24 23:19:05 | 003,492,704 | ---- | C] () -- C:\Users\hp\Documents\PA210013.JPG [2012-12-24 23:19:05 | 003,364,904 | ---- | C] () -- C:\Users\hp\Documents\PA210003.JPG [2012-12-24 23:19:05 | 003,350,401 | ---- | C] () -- C:\Users\hp\Documents\PA210006.JPG [2012-12-12 01:33:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012-12-12 01:33:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012-06-26 22:08:19 | 003,672,770 | ---- | C] () -- C:\Users\hp\Scan.jpg [2011-02-22 21:42:09 | 000,524,288 | -HS- | C] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TMContainer00000000000000000002.regtrans-ms [2011-02-22 21:42:09 | 000,524,288 | -HS- | C] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TMContainer00000000000000000001.regtrans-ms [2011-02-22 21:42:09 | 000,065,536 | -HS- | C] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TM.blf [2011-01-17 21:38:41 | 003,682,304 | ---- | C] () -- C:\Users\hp\s-1-5-21-168299090-1096314759-280584690-1000.rrr [2010-09-01 23:30:51 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2010-07-01 18:14:35 | 000,001,356 | ---- | C] () -- C:\Users\hp\AppData\Local\d3d9caps.dat [2010-06-21 21:47:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-06-21 09:10:24 | 000,050,176 | ---- | C] () -- C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-09 12:04:42 | 000,000,269 | ---- | C] () -- C:\ProgramData\hpqp.ini [2009-12-02 13:45:59 | 000,071,528 | ---- | C] () -- C:\Users\hp\AppData\Local\GDIPFONTCACHEV1.DAT [2009-12-02 13:33:48 | 000,524,288 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2009-12-02 13:33:48 | 000,524,288 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2009-12-02 13:33:48 | 000,065,536 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2009-12-02 13:33:48 | 000,000,020 | -HS- | C] () -- C:\Users\hp\ntuser.ini [2009-12-02 13:33:47 | 004,980,736 | -HS- | C] () -- C:\Users\hp\ntuser.dat ========== ZeroAccess Check ========== [2006-11-02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== ========== Purity Check ========== ========== Custom Scans ========== < %systemdrive%\*.* > [2013-01-24 00:24:36 | 000,007,500 | ---- | M] () -- C:\AdwCleaner[S1].txt [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2013-01-22 18:18:51 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2013-01-24 00:28:44 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys [2010-11-24 01:52:44 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-24 01:52:44 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2009-07-07 09:30:20 | 000,000,628 | ---- | M] () -- C:\NetworkCfg.xml [2013-01-24 00:28:42 | 3532,742,656 | -HS- | M] () -- C:\pagefile.sys [2013-01-24 00:38:27 | 000,005,840 | ---- | M] () -- C:\UsbFix.txt [2011-04-22 14:07:31 | 000,002,304 | ---- | M] () -- C:\{1D71C8FF-B0CB-4B02-ACE8-C5B28E796AC3} [2011-10-13 23:29:09 | 000,002,472 | ---- | M] () -- C:\{26925EF2-CB29-4FBC-A1FE-4774A5684C0B} [2011-04-22 18:30:21 | 000,002,368 | ---- | M] () -- C:\{52115126-C1B5-4AE3-8468-CAD2C9435483} [2011-03-08 13:36:28 | 000,002,368 | ---- | M] () -- C:\{5AF059B7-2BDF-46DC-AC9C-7538B06A6E50} [2011-03-08 13:38:44 | 000,002,448 | ---- | M] () -- C:\{9082D02F-1EB8-4D22-9A39-596CF1B20947} [2011-04-22 16:00:20 | 000,002,440 | ---- | M] () -- C:\{B125525A-B702-4787-90E8-615F34CD2AB3} [2011-04-22 14:11:52 | 000,002,480 | ---- | M] () -- C:\{C0489287-CEEC-43E5-9051-51773D5EBBBB} < MD5 for: AGP440.SYS > [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\ProgramData\SMR311\Archive\agp440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Users\All Users\SMR311\Archive\agp440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\$WINDOWS.~BT\Windows\System32\drivers\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\ProgramData\SMR311\Archive\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\All Users\SMR311\Archive\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\$WINDOWS.~BT\Windows\System32\drivers\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: BEEP.SYS > [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\ProgramData\SMR311\Archive\Beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Users\All Users\SMR311\Archive\Beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys < MD5 for: CDROM.SYS > [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\ProgramData\SMR311\Archive\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\All Users\SMR311\Archive\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\$WINDOWS.~BT\Windows\System32\drivers\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys < MD5 for: EVENTLOG.DLL > [2007-01-12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll < MD5 for: NDIS.SYS > [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\ProgramData\SMR311\Archive\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Users\All Users\SMR311\Archive\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2006-11-02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\$WINDOWS.~BT\Windows\System32\drivers\ndis.sys [2008-01-21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys < MD5 for: WINLOGON.EXE > [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2006-11-02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\$WINDOWS.~BT\Windows\System32\winlogon.exe [2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:2EDB1FD6807D48C4 @Alternate Data Stream - 168 bytes -> C:\ProgramData\Temp:D1B5B4F1 @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:373E1720 < End of report > [/spoiler] LOG: [spoiler] Logfile of random's system information tool 1.09 (written by random/random) Run by hp at 2013-01-24 01:30:49 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 109 GB (37%) free of 297 GB Total RAM: 3069 MB (60% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\AppleSoftwareUpdate.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForhp.job =========Mozilla firefox========= ProfilePath - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, otis@digitalpersona.com:5.0.0.3790, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10, firebug@software.joehewitt.com:1.6.2, "", {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, cacaoweb@cacaoweb.org:1.0.17, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20" prefs.js - "browser.search.useDBForOrder" - false "{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "otis@digitalpersona.com"=C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.5.502.146 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38] "Description"= "Path"=C:\Windows\system32\npdeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448] "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In "Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448] "Description"=6.0.12.448 "Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files\Mozilla Firefox\plugins\ nppdf32.DEU nppdf32.dll nppdf32.FRA nppdf32.JPN C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\extensions\ 50f33bceb0eed@50f33bceb0f27.com {20a82645-c095-46ed-80e3-08825760534b} {b8c34bad-92d0-480c-85cc-1a74f02bc0da} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{562611BF-554D-C7EF-43BA-85EE2DD1CD7E}] SaveAs - C:\ProgramData\SaveAs\50f33bceb1080.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-01-24 329712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-01-24 59376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll [2010-05-04 42080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-02-03 1185120] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752] "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2009-01-12 468264] "Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2008-08-08 524288] "UIExec"=C:\Program Files\Netia\Mobilny Internet\UIExec.exe [2009-08-11 132608] "Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072] "Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2012-02-02 96128] "MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104] "AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2012-12-11 3147384] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] ""= [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "IPLA!"=C:\Program Files\ipla\ipla.exe [2012-11-23 20857328] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] "Optimizer Pro"=C:\Program Files\Optimizer Pro\OptProLauncher.exe [2012-10-21 81952] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli DPPWDFLT [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "DisableStatusMessages"=0 "DisableTaskMgr"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0 "NoDriveAutoRun"=3 "NofolderOptions"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 "NoDriveAutoRun"=3 "NoDriveTypeAutoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.l3codecp"=l3codecp.acm "msacm.siren"=sirenacm.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "VIDC.FFDS"=ff_vfw.dll "vidc.XVID"=xvidvfw.dll "msacm.ac3filter"=ac3filter.acm "msacm.avis"=ff_acm.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "msacm.l3fhg"=mp3fhg.acm "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-01-24 01:10:36 ----D---- C:\Program Files\CrystalDiskInfo 2013-01-24 00:49:35 ----D---- C:\Program Files\Common Files\Java 2013-01-24 00:48:43 ----A---- C:\Windows\system32\npdeployJava1.dll 2013-01-24 00:48:43 ----A---- C:\Windows\system32\javaws.exe 2013-01-24 00:48:43 ----A---- C:\Windows\system32\javaw.exe 2013-01-24 00:48:43 ----A---- C:\Windows\system32\java.exe 2013-01-24 00:42:00 ----D---- C:\Program Files\Common Files\Adobe 2013-01-24 00:41:13 ----SHD---- C:\Config.Msi 2013-01-24 00:32:41 ----A---- C:\UsbFix.txt 2013-01-24 00:32:38 ----D---- C:\UsbFix 2013-01-24 00:24:28 ----A---- C:\AdwCleaner[S1].txt 2013-01-24 00:09:29 ----D---- C:\_OTL 2013-01-22 18:47:06 ----ASH---- C:\hiberfil.sys 2013-01-22 18:39:08 ----D---- C:\Boot 2013-01-22 18:18:50 ----RAS---- C:\BOOTSECT.BAK 2013-01-22 17:13:00 ----A---- C:\Windows\ntbtlog.txt 2013-01-22 16:05:08 ----D---- C:\Users\hp\AppData\Roaming\AVG2013 2013-01-22 16:03:45 ----D---- C:\Users\hp\AppData\Roaming\TuneUp Software 2013-01-22 15:59:23 ----HD---- C:\$AVG 2013-01-22 15:59:22 ----D---- C:\ProgramData\AVG2013 2013-01-22 15:57:24 ----D---- C:\Program Files\AVG 2013-01-22 15:39:49 ----SHD---- C:\found.000 2013-01-22 15:29:33 ----HD---- C:\ProgramData\Common Files 2013-01-22 15:29:33 ----D---- C:\ProgramData\MFAData 2013-01-22 14:07:17 ----D---- C:\Program Files\trend micro 2013-01-22 14:07:16 ----D---- C:\rsit 2013-01-22 13:50:22 ----D---- C:\Users\hp\AppData\Roaming\Optimizer Pro 2013-01-19 14:26:14 ----D---- C:\Windows\Minidump 2013-01-19 14:26:08 ----D---- C:\Windows\Prefetch 2013-01-13 23:40:57 ----A---- C:\Windows\Launcher.exe 2013-01-13 23:40:37 ----D---- C:\Program Files\Red Sky 2013-01-13 23:36:33 ----D---- C:\ProgramData\Cloud Software LTD 2013-01-13 23:36:08 ----D---- C:\Program Files\Optimizer Pro 2013-01-12 21:38:26 ----D---- C:\Program Files\Mozilla Firefox(9) 2013-01-12 21:38:26 ----D---- C:\Program Files\Mozilla Firefox 2013-01-09 16:05:28 ----A---- C:\Windows\system32\win32k.sys 2013-01-09 16:05:08 ----A---- C:\Windows\system32\ncrypt.dll 2013-01-09 16:05:07 ----A---- C:\Windows\system32\shlwapi.dll 2013-01-09 16:04:12 ----A---- C:\Windows\system32\msxml6.dll ======List of files/folders modified in the last 1 month====== 2013-01-24 01:30:48 ----D---- C:\Windows\Temp 2013-01-24 01:27:37 ----SHD---- C:\System Volume Information 2013-01-24 01:10:36 ----RD---- C:\Program Files 2013-01-24 00:49:42 ----SHD---- C:\Windows\Installer 2013-01-24 00:49:35 ----D---- C:\Program Files\Common Files 2013-01-24 00:48:59 ----D---- C:\Windows\System32 2013-01-24 00:48:33 ----A---- C:\Windows\system32\deployJava1.dll 2013-01-24 00:43:16 ----D---- C:\ProgramData\Adobe 2013-01-24 00:42:00 ----D---- C:\Program Files\Adobe 2013-01-24 00:41:38 ----D---- C:\Windows\winsxs 2013-01-24 00:30:29 ----D---- C:\Users\hp\AppData\Roaming\ipla 2013-01-24 00:30:04 ----A---- C:\ProgramData\hpqp.ini 2013-01-24 00:24:28 ----HD---- C:\ProgramData 2013-01-24 00:18:19 ----AD---- C:\Windows 2013-01-24 00:01:14 ----D---- C:\Program Files\Java 2013-01-23 23:58:38 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-01-23 23:58:37 ----D---- C:\Windows\inf 2013-01-23 23:36:18 ----D---- C:\Users\hp\AppData\Roaming\GG 2013-01-22 17:24:16 ----D---- C:\Users\hp\AppData\Roaming\Skype 2013-01-22 16:51:12 ----D---- C:\Users\hp\AppData\Roaming\Media Player Classic 2013-01-22 16:50:13 ----D---- C:\Windows\panther 2013-01-22 16:50:13 ----D---- C:\Windows\ModemLogs 2013-01-22 16:50:11 ----D---- C:\Windows\Logs 2013-01-22 16:50:11 ----D---- C:\Windows\Debug 2013-01-22 16:03:35 ----D---- C:\Windows\system32\drivers 2013-01-22 15:57:20 ----D---- C:\Windows\system32\catroot2 2013-01-22 15:31:00 ----D---- C:\Program Files\Common Files\Symantec Shared 2013-01-22 15:30:58 ----D---- C:\Windows\system32\Tasks 2013-01-22 15:09:17 ----AD---- C:\ProgramData\Temp 2013-01-22 10:33:31 ----D---- C:\Windows\system32\config 2013-01-22 10:33:22 ----SD---- C:\Windows\Downloaded Program Files 2013-01-22 10:33:22 ----D---- C:\Windows\Tasks 2013-01-22 10:33:22 ----D---- C:\Windows\system32\spool 2013-01-22 10:33:22 ----D---- C:\Windows\system32\Msdtc 2013-01-22 10:33:22 ----D---- C:\Windows\system32\CodeIntegrity 2013-01-22 10:33:18 ----D---- C:\Program Files\Mozilla Maintenance Service 2013-01-22 10:33:14 ----D---- C:\Windows\system32\wbem 2013-01-22 10:33:14 ----D---- C:\Windows\registration 2013-01-17 22:16:31 ----A---- C:\ProgramData\hpqp.txt 2013-01-09 19:55:12 ----D---- C:\Windows\Microsoft.NET 2013-01-09 19:55:10 ----RSD---- C:\Windows\assembly 2013-01-09 16:30:23 ----D---- C:\ProgramData\Microsoft Help 2013-01-09 16:08:51 ----A---- C:\Windows\system32\mrt.exe 2013-01-09 16:04:53 ----D---- C:\Windows\system32\catroot 2013-01-09 01:06:52 ----A---- C:\Windows\system32\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-04-14 170000] R0 Amddfltr;Amd Disk Lower Filter Driver; C:\Windows\system32\DRIVERS\Amddfltr.sys [2008-01-07 15416] R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-29 7680] R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-10-15 55776] R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2012-09-21 177376] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2012-11-15 94048] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-09-14 35552] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2008-03-27 24424] R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] R0 SMR311;Symantec SMR Utility Service 3.1.1; C:\Windows\System32\drivers\SMR311.SYS [2012-10-18 97440] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2012-10-22 179936] R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2012-09-21 19936] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-10-02 159712] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-09-21 164832] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232] R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};Power Control [2010/06/09 13:04:42]; \??\C:\Program Files\HP\QuickPlay\000.fcl [2009-01-12 87536] R2 RMCAST;Sterownik protokołu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664] R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 5120] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064] R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736] R3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936] R3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [] S3 ALSysIO;ALSysIO; \??\C:\Users\hp\AppData\Local\Temp\ALSysIO.sys [] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 BthEnum;Usługa wyliczania Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208] S3 btwaudio;Urz¹dzenie dŸwiêkowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424] S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272] S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-01 102912] S3 iscFlash;iscFlash; \??\C:\SwSetup\SP46501\iscflash.sys [2009-06-16 13312] S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-04-22 9728] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-05-02 17536] S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064] S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-02-02 104960] S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2009-02-02 105344] S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2009-02-02 104960] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [2008-02-12 73728] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-01 322624] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728] R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2009-01-12 292216] R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2009-01-12 116080] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273] R2 UI Assistant Service;UI Assistant Service; C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe [2009-08-11 241664] R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832] S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-14 136176] S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400] S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-14 136176] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-12 115760] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF----------------- [/spoiler] 8. Mam takie pytanko, nie instalowałem programu o nazwie Optymalizer Pro, nie wiem skąd się wziął,a jak chce go odinstalować to wyskakuje mi screen: http://imageshack.us/photo/my-images/820/beztytuau.jpg/
Natsuki Kuga komentarz 25 stycznia 2013 komentarz 25 stycznia 2013 Windows Defender: http://imageshack.us/photo/my-images/560/beztytuumqh.jpg/ Czy usługa uruchamia się poprawnie po kliknięciu Włącz i otwórz usługę Windows Defender? 4.nie posiadam pamięci przenośnych W takim razie użyj USBFix bez nich. 6. CrystalDisklnfo nie ciachał się uruchomić screen:http://imageshack.us...bezbhtytuu.jpg/ Użyj w zamian HDTune. 8. Mam takie pytanko, nie instalowałem programu o nazwie Optymalizer Pro, nie wiem skąd się wziął,a jak chce go odinstalować to wyskakuje mi screen: http://imageshack.us.../beztytuau.jpg/ Pokazywało ci się może kiedyś takie okno?: Do OTL wklej: [spoiler] :OTL O3 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4 - HKLM..\RunOnce: [] File not found :Files C:\Program Files\Common Files\PC Tools C:\ProgramData\SaveAs :Reg [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{562611BF-554D-C7EF-43BA-85EE2DD1CD7E}] :Services PCToolsSSDMonitorSvc [/spoiler]Wykonaj skrypt, pokaż raport.
pokus632 komentarz 25 stycznia 2013 Autor komentarz 25 stycznia 2013 (edytowane) 1.Windows Defender uruchamia się poprawnie. 2. Usbfix: [spoiler]############################## | UsbFix V 7.093 | [Deletion] User: hp (Administrator) # HP-PC Updated 08/07/2012 by El Desaparecido Started at 11:24:03 | 25/01/2013 Website: http://eldesaparecido.com Forum: http://forum.eldesaparecido.com Suspicious file ? : http://eldesaparecido.com/upload.php Contact: contact@eldesaparecido.com PC: Hewlett-Packard (HP Pavilion dv5 Notebook PC) (X86-based PC) # Notebook CPU: AMD Turion(tm) X2 Ultra Dual-Core Mobile ZM-80 (2100) RAM -> [Total : 3069 | Free : 1722] BIOS: Default System BIOS BOOT: Normal boot OS: Microsoft® Windows Vista™ Home Premium (6.0.6002 32-Bit) # Service Pack 2 WB: Windows Internet Explorer 9.0.8112.16421 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] AV: AVG Anti-Virus 2013 [Enabled | Updated] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Fixed drive # 290 Gb (106 Mb free - 37%) [] # NTFS D:\ -> Fixed drive # 8 Gb (2 Mb free - 19%) [HP_RECOVERY] # NTFS E:\ -> CD-ROM ################## | Active Processes | C:\Program Files\AVG\AVG2013\avgrsx.exe (472) C:\Program Files\AVG\AVG2013\avgcsrvx.exe (512) C:\Windows\system32\csrss.exe (784) C:\Windows\system32\wininit.exe (836) C:\Windows\system32\csrss.exe (856) C:\Windows\system32\services.exe (888) C:\Windows\system32\lsass.exe (904) C:\Windows\system32\lsm.exe (912) C:\Windows\system32\svchost.exe (1056) C:\Windows\system32\svchost.exe (1120) C:\Windows\system32\Ati2evxx.exe (1204) C:\Windows\System32\svchost.exe (1228) C:\Windows\System32\svchost.exe (1256) C:\Windows\system32\svchost.exe (1288) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe (1304) C:\Windows\system32\winlogon.exe (1344) C:\Windows\system32\svchost.exe (1568) C:\Windows\system32\SLsvc.exe (1588) C:\Windows\system32\svchost.exe (1680) C:\Windows\system32\Ati2evxx.exe (1716) C:\Windows\system32\Hpservice.exe (1764) C:\Windows\system32\vfsFPService.exe (1820) C:\Windows\system32\svchost.exe (1880) C:\Windows\system32\WLANExt.exe (2032) C:\Windows\System32\spoolsv.exe (572) C:\Windows\system32\taskeng.exe (464) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (952) C:\Windows\system32\svchost.exe (1792) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2128) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe (2144) C:\Program Files\AVG\AVG2013\avgidsagent.exe (2160) C:\Program Files\AVG\AVG2013\avgwdsvc.exe (2188) C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe (2212) C:\Windows\system32\svchost.exe (2228) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2268) C:\Windows\system32\svchost.exe (2412) C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe (2592) C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe (2608) C:\Windows\SMINST\BLService.exe (2624) C:\Program Files\CyberLink\Shared Files\RichVideo.exe (2676) C:\Windows\system32\svchost.exe (2724) C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe (2768) C:\Windows\System32\svchost.exe (2808) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2828) C:\Windows\system32\SearchIndexer.exe (2856) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2908) C:\Windows\servicing\TrustedInstaller.exe (3064) C:\Program Files\AVG\AVG2013\avgnsx.exe (3488) C:\Program Files\AVG\AVG2013\avgemcx.exe (3504) C:\Windows\system32\taskeng.exe (3700) C:\Windows\system32\Dwm.exe (3816) C:\Windows\system32\taskeng.exe (3828) C:\Windows\Explorer.EXE (3864) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (972) C:\Program Files\HP\QuickPlay\QPService.exe (1192) C:\Windows\Samsung\PanelMgr\SSMMgr.exe (1152) C:\Program Files\Netia\Mobilny Internet\UIExec.exe (2152) C:\Windows\WindowsMobile\wmdc.exe (2508) C:\Program Files\OLYMPUS\ib\olycamdetect.exe (788) C:\Program Files\AVG\AVG2013\avgui.exe (3152) C:\Program Files\Common Files\Java\Java Update\jusched.exe (3912) C:\Program Files\Windows Sidebar\sidebar.exe (1448) C:\Windows\ehome\ehtray.exe (1620) C:\Program Files\ipla\ipla.exe (1848) C:\Program Files\Windows Media Player\wmpnscfg.exe (3732) C:\Windows\System32\mobsync.exe (1532) C:\Windows\ehome\ehmsas.exe (1212) C:\Windows\system32\SearchProtocolHost.exe (1216) C:\Windows\system32\svchost.exe (1476) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (2468) C:\Program Files\Windows Media Player\wmpnetwk.exe (4208) C:\Windows\system32\wbem\wmiprvse.exe (4228) C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE (4544) C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (4832) C:\Windows\system32\svchost.exe (4952) C:\Windows\system32\wbem\unsecapp.exe (5444) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (5588) C:\Program Files\Windows Defender\MSASCui.exe (1600) C:\Windows\System32\svchost.exe (4868) C:\Windows\system32\SearchFilterHost.exe (2076) C:\UsbFix\Go.exe (3664) C:\Windows\system32\wbem\wmiprvse.exe (3088) C:\Program Files\AVG\AVG2013\avgmfapx.exe (4720) ################## | Stopped processes | Stopped! C:\Program Files\AVG\AVG2013\avgrsx.exe (472) Stopped! C:\Program Files\AVG\AVG2013\avgcsrvx.exe (512) Stopped! C:\Windows\system32\Ati2evxx.exe (1204) Stopped! C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe (1304) Stopped! C:\Windows\system32\SLsvc.exe (1588) Stopped! C:\Windows\system32\Ati2evxx.exe (1716) Stopped! C:\Windows\system32\Hpservice.exe (1764) Stopped! C:\Windows\system32\vfsFPService.exe (1820) Stopped! C:\Windows\system32\WLANExt.exe (2032) Stopped! C:\Windows\System32\spoolsv.exe (572) Stopped! C:\Windows\system32\taskeng.exe (464) Stopped! C:\Program Files\DigitalPersona\Bin\DpHostW.exe (952) Stopped! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2128) Stopped! C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe (2144) Stopped! C:\Program Files\AVG\AVG2013\avgidsagent.exe (2160) Stopped! C:\Program Files\AVG\AVG2013\avgwdsvc.exe (2188) Stopped! C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe (2212) Stopped! C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2268) Stopped! C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe (2592) Stopped! C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe (2608) Stopped! C:\Windows\SMINST\BLService.exe (2624) Stopped! C:\Program Files\CyberLink\Shared Files\RichVideo.exe (2676) Stopped! C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe (2768) Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2828) Stopped! C:\Windows\system32\SearchIndexer.exe (2856) Stopped! C:\Windows\servicing\TrustedInstaller.exe (3064) Stopped! C:\Program Files\AVG\AVG2013\avgnsx.exe (3488) Stopped! C:\Program Files\AVG\AVG2013\avgemcx.exe (3504) Stopped! C:\Windows\system32\taskeng.exe (3700) Stopped! C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (972) Stopped! C:\Program Files\HP\QuickPlay\QPService.exe (1192) Stopped! C:\Windows\Samsung\PanelMgr\SSMMgr.exe (1152) Stopped! C:\Program Files\Netia\Mobilny Internet\UIExec.exe (2152) Stopped! C:\Windows\WindowsMobile\wmdc.exe (2508) Stopped! C:\Program Files\OLYMPUS\ib\olycamdetect.exe (788) Stopped! C:\Program Files\AVG\AVG2013\avgui.exe (3152) Stopped! C:\Program Files\Common Files\Java\Java Update\jusched.exe (3912) Stopped! C:\Program Files\Windows Sidebar\sidebar.exe (1448) Stopped! C:\Windows\ehome\ehtray.exe (1620) Stopped! C:\Program Files\ipla\ipla.exe (1848) Stopped! C:\Program Files\Windows Media Player\wmpnscfg.exe (3732) Stopped! C:\Windows\System32\mobsync.exe (1532) Stopped! C:\Windows\ehome\ehmsas.exe (1212) Stopped! C:\Windows\system32\SearchProtocolHost.exe (1216) Stopped! C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (2468) Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (4208) Stopped! C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE (4544) Stopped! C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (4832) Stopped! c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (5588) Stopped! C:\Program Files\Windows Defender\MSASCui.exe (1600) Stopped! C:\Windows\system32\DllHost.exe (3836) ################## | Files # Infected Folders | Deleted ! C:\$RECYCLE.BIN\S-1-5-21-168299090-1096314759-280584690-1000 Deleted ! C:\$RECYCLE.BIN\S-1-5-21-168299090-1096314759-280584690-500 Deleted ! C:\$RECYCLE.BIN\S-1-5-21-3546456879-2262268126-2680332542-500 Deleted ! D:\$RECYCLE.BIN\S-1-5-21-168299090-1096314759-280584690-1000 Deleted ! D:\$RECYCLE.BIN\S-1-5-21-168299090-1096314759-280584690-500 (!) Temporary files deleted. ################## | Registry | Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr Deleted ! HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore|DisableConfig Deleted ! HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore|DisableSR Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFolderOptions ################## | Mountpoints2 | Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{5505614f-ac81-11e1-b9e9-00218673ca54} Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{a2c95c31-73b5-11df-85ea-806e6f6e6963} ################## | Listing | [22/01/2013 - 15:59:23 | D ] C:\$AVG [25/01/2013 - 11:27:35 | SHD ] C:\$Recycle.Bin [05/12/2006 - 05:46:52 | D ] C:\$WINDOWS.~BT [24/01/2013 - 00:24:36 | N | 7500] C:\AdwCleaner[S1].txt [18/09/2006 - 22:43:36 | N | 24] C:\autoexec.bat [22/01/2013 - 18:39:10 | D ] C:\Boot [11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr [22/01/2013 - 18:18:51 | N | 8192] C:\BOOTSECT.BAK [25/01/2013 - 11:18:29 | D ] C:\Config.Msi [18/09/2006 - 22:43:37 | N | 10] C:\config.sys [02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings [22/01/2013 - 15:39:49 | D ] C:\found.000 [15/07/2010 - 22:01:16 | D ] C:\Games [25/01/2013 - 11:18:32 | ASH | 3218956288] C:\hiberfil.sys [11/06/2008 - 16:16:44 | D ] C:\HP [24/11/2010 - 01:52:44 | N | 0] C:\IO.SYS [24/11/2010 - 01:52:44 | N | 0] C:\MSDOS.SYS [02/12/2009 - 13:38:14 | RHD ] C:\MSOCache [15/07/2010 - 22:10:49 | D ] C:\My Games [07/07/2009 - 09:30:20 | N | 628] C:\NetworkCfg.xml [25/01/2013 - 11:18:29 | ASH | 3532742656] C:\pagefile.sys [21/01/2008 - 03:32:31 | D ] C:\PerfLogs [25/01/2013 - 11:21:17 | D ] C:\Program Files [24/01/2013 - 00:24:28 | HD ] C:\ProgramData [22/01/2013 - 14:07:19 | D ] C:\rsit [16/06/2010 - 13:50:59 | D ] C:\SWSetup [24/01/2013 - 01:27:37 | SHD ] C:\System Volume Information [02/12/2009 - 13:42:37 | D ] C:\System.sav [25/01/2013 - 11:27:35 | D ] C:\UsbFix [25/01/2013 - 11:24:48 | A | 10877] C:\UsbFix.txt [07/09/2010 - 09:59:03 | D ] C:\Users [24/01/2013 - 00:18:19 | D ] C:\Windows [24/01/2013 - 00:09:29 | D ] C:\_OTL [22/04/2011 - 14:07:31 | N | 2304] C:\{1D71C8FF-B0CB-4B02-ACE8-C5B28E796AC3} [13/10/2011 - 23:29:09 | N | 2472] C:\{26925EF2-CB29-4FBC-A1FE-4774A5684C0B} [22/04/2011 - 18:30:21 | N | 2368] C:\{52115126-C1B5-4AE3-8468-CAD2C9435483} [08/03/2011 - 13:36:28 | N | 2368] C:\{5AF059B7-2BDF-46DC-AC9C-7538B06A6E50} [08/03/2011 - 13:38:44 | N | 2448] C:\{9082D02F-1EB8-4D22-9A39-596CF1B20947} [22/04/2011 - 16:00:20 | N | 2440] C:\{B125525A-B702-4787-90E8-615F34CD2AB3} [22/04/2011 - 14:11:52 | N | 2480] C:\{C0489287-CEEC-43E5-9051-51773D5EBBBB} [25/01/2013 - 11:27:35 | SHD ] D:\$RECYCLE.BIN [02/12/2009 - 13:34:14 | N | 13] D:\BLOCK.RIN [27/09/2008 - 02:11:33 | RSHD ] D:\boot [03/10/2006 - 23:02:44 | SH | 438328] D:\bootmgr [26/03/2008 - 16:08:32 | SH | 1089] D:\Desktop.ini [10/09/2002 - 16:14:28 | N | 8134] D:\Folder.htt [27/09/2008 - 02:12:04 | D ] D:\HP [25/01/2013 - 11:24:42 | N | 151] D:\MASTER.LOG [27/09/2008 - 02:11:42 | RSHD ] D:\PRELOAD [16/09/2002 - 14:37:48 | SH | 181898] D:\protect.chinese hong kong [16/09/2002 - 14:37:40 | SH | 181916] D:\protect.chinese simplified [16/09/2002 - 14:37:48 | SH | 181898] D:\protect.chinese traditional [27/04/2006 - 16:19:40 | SH | 181865] D:\protect.czech [03/11/2005 - 15:21:26 | SH | 181726] D:\protect.danish [10/09/2002 - 13:56:12 | SH | 181605] D:\protect.dutch [10/09/2002 - 13:50:18 | N | 181651] D:\protect.ed [22/11/2004 - 15:28:30 | SH | 181648] D:\protect.english [03/11/2005 - 15:20:20 | SH | 181673] D:\protect.finnish [03/11/2005 - 15:19:52 | SH | 181736] D:\protect.french [03/11/2005 - 15:18:10 | SH | 181669] D:\protect.german [23/11/2005 - 15:56:46 | SH | 182689] D:\protect.greek [23/01/2006 - 09:18:00 | SH | 182605] D:\protect.hebrew [28/08/2007 - 14:58:08 | N | 181696] D:\protect.hungarian [03/11/2005 - 15:17:00 | SH | 181554] D:\protect.italian [19/06/2007 - 15:22:10 | SH | 182351] D:\protect.japanese [24/11/2005 - 11:24:44 | SH | 218295] D:\protect.korean [03/11/2005 - 15:15:12 | SH | 181578] D:\protect.norwegian [25/04/2006 - 14:44:10 | SH | 181789] D:\protect.polish [03/11/2005 - 15:13:12 | SH | 181624] D:\protect.portuguese [27/10/2005 - 19:24:10 | SH | 181882] D:\protect.portuguese brazilian [28/06/2004 - 08:52:46 | SH | 211936] D:\protect.russian [03/11/2005 - 15:11:46 | SH | 181586] D:\protect.spanish [10/09/2002 - 14:15:06 | SH | 181602] D:\protect.swedish [12/08/2003 - 10:37:30 | SH | 181783] D:\protect.turkish [27/09/2008 - 02:11:32 | RD ] D:\RECOVERY [27/09/2008 - 02:11:36 | RSHD ] D:\SOURCES [22/01/2013 - 15:50:39 | SHD ] D:\System Volume Information [27/09/2008 - 02:11:57 | D ] D:\Tools [22/01/2013 - 08:53:50 | D ] D:\toruń [27/09/2008 - 02:11:39 | D ] D:\WINDOWS ################## | Vaccin | C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido) D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido) ################## | Upload | Please send the file: C:\UsbFix_Upload_Me_HP-PC.ziphttp://eldesaparecido.com/upload.php Thank you for your contribution. ################## | E.O.F | [/spoiler] 3. HDTune http://imageshack.us/photo/my-images/402/39751866.jpg/ 4.Takie ono nie, ale mogę nie pamiętać. Zawsze przy uruchomieniu systemu wyskakiwało mi powiadomienie z tego programu że mam uszkodzone pliki systemowe i żebym je wyleczył. I się wkurzyłem i chciałem odinstalować a tu nie da rady. 5.Raport [spoiler]========== OTL ========== Registry value HKEY_USERS\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully. ========== FILES ========== File\Folder C:\Program Files\Common Files\PC Tools not found. File\Folder C:\ProgramData\SaveAs not found. ========== REGISTRY ========== ========== SERVICES/DRIVERS ========== Service PCToolsSSDMonitorSvc stopped successfully! Service PCToolsSSDMonitorSvc deleted successfully! OTL by OldTimer - Version 3.2.69.0 log created on 01252013_114805 [/spoiler] 6.Logi OTL [spoiler]OTL logfile created on: 2013-01-25 13:02:11 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hp\Desktop\Nowy folder Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,88 Gb Available Physical Memory | 62,63% Memory free 6,22 Gb Paging File | 5,07 Gb Available in Paging File | 81,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 289,95 Gb Total Space | 106,12 Gb Free Space | 36,60% Space Free | Partition Type: NTFS Drive D: | 8,14 Gb Total Space | 1,54 Gb Free Space | 18,97% Space Free | Partition Type: NTFS Drive F: | 931,48 Gb Total Space | 804,26 Gb Free Space | 86,34% Space Free | Partition Type: NTFS Computer Name: HP-PC | User Name: hp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days ========== Processes (All) ========== PRC - [2013-01-22 10:23:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\Nowy folder\OTL.exe PRC - [2012-12-11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe PRC - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe PRC - [2012-10-30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe PRC - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe PRC - [2012-10-22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe PRC - [2012-10-22 13:04:06 | 000,329,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcfgex.exe PRC - [2012-10-22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe PRC - [2012-10-22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-09-17 12:41:54 | 000,254,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2012-02-10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE PRC - [2012-02-02 15:14:56 | 000,096,128 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\olycamdetect.exe PRC - [2011-11-16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2011-04-28 15:14:54 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ielowutil.exe PRC - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2010-09-21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010-09-21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2009-12-01 12:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe PRC - [2009-08-11 17:53:08 | 000,241,664 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe PRC - [2009-08-11 17:52:46 | 000,132,608 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe PRC - [2009-04-11 07:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-04-11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-04-11 07:27:59 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe PRC - [2009-04-11 07:27:58 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-04-11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009-01-12 15:50:42 | 000,292,216 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe PRC - [2009-01-12 15:50:42 | 000,116,080 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe PRC - [2009-01-12 15:50:08 | 000,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe PRC - [2008-08-08 06:03:41 | 000,524,288 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe PRC - [2008-06-27 19:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe PRC - [2008-04-15 12:40:10 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe PRC - [2008-04-11 08:04:54 | 000,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe PRC - [2008-03-28 10:17:20 | 000,667,648 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe PRC - [2008-03-26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe PRC - [2008-03-26 14:26:56 | 000,341,328 | ---- | M] () -- C:\Windows\SMINST\BLService.exe PRC - [2008-03-18 15:24:58 | 000,019,456 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe PRC - [2008-02-26 13:13:22 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-02-12 06:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe PRC - [2008-01-25 17:05:30 | 000,148,832 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2008-01-21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe PRC - [2008-01-21 03:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe PRC - [2008-01-21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 03:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 03:23:32 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe PRC - [2008-01-21 03:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe PRC - [2007-11-20 06:44:58 | 000,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe PRC - [2007-09-26 05:34:40 | 000,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe PRC - [2007-05-31 08:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe PRC - [2007-01-09 10:25:00 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe ========== Modules (All) ========== MOD - [2013-01-22 10:23:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\hp\Desktop\Nowy folder\OTL.exe MOD - [2012-12-11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe MOD - [2012-12-11 03:52:20 | 002,608,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgkrnlapix.dll MOD - [2012-12-06 04:07:10 | 000,793,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgsysx.dll MOD - [2012-11-22 04:54:36 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2012-11-20 05:22:50 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll MOD - [2012-11-15 23:34:32 | 001,001,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcfgx.dll MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2012-11-14 03:09:22 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2012-11-14 02:52:27 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2012-11-14 02:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2012-11-02 11:19:34 | 001,400,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2012-10-22 13:04:38 | 002,024,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avguires.dll MOD - [2012-10-22 13:04:36 | 000,025,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgapps.dll MOD - [2012-10-22 13:04:16 | 000,230,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgse.dll MOD - [2012-10-22 13:04:12 | 000,862,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgntopensslx.dll MOD - [2012-10-22 13:04:10 | 000,311,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avglogx.dll MOD - [2012-10-22 13:04:10 | 000,177,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avglngx.dll MOD - [2012-10-22 13:04:08 | 000,481,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcommx.dll MOD - [2012-10-22 13:04:08 | 000,403,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgdecider.dll MOD - [2012-10-22 13:04:06 | 000,329,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcfgex.exe MOD - [2012-10-22 13:04:04 | 000,348,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidpmx.dll MOD - [2012-10-22 13:03:44 | 000,279,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgclitx.dll MOD - [2012-10-13 11:38:14 | 000,856,064 | ---- | M] (GG Network S.A.) -- C:\Users\hp\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll MOD - [2012-09-28 17:11:03 | 000,892,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2012-09-25 17:19:41 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll MOD - [2012-09-17 12:41:54 | 000,254,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe MOD - [2012-08-24 16:53:29 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2012-06-29 17:01:42 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2012-06-05 17:47:27 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2012-06-05 10:41:30 | 001,232,896 | ---- | M] (GG Network S.A.) -- C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll MOD - [2012-06-02 01:04:25 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2012-06-02 01:02:32 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2012-06-02 01:02:32 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll MOD - [2012-03-01 15:46:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2012-03-01 15:46:01 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2012-02-29 16:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2012-02-29 15:08:47 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll MOD - [2012-02-29 14:44:50 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll MOD - [2012-02-29 14:41:40 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll MOD - [2012-02-03 16:11:07 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll MOD - [2012-02-02 15:16:30 | 000,145,280 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\subsys\OlyLib\OlyBar.dll MOD - [2012-02-02 15:16:30 | 000,116,608 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\subsys\OlyLib\OlyGin.dll MOD - [2012-02-02 15:14:56 | 000,096,128 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\olycamdetect.exe MOD - [2011-12-14 17:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2011-11-18 21:23:34 | 001,205,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2011-11-16 17:23:08 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2011-10-14 17:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2011-08-25 17:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-08-25 17:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011-06-17 00:08:56 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll MOD - [2011-06-17 00:08:50 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-17 00:08:50 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-06-15 17:12:11 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2011-05-02 18:16:14 | 000,739,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll MOD - [2011-04-28 15:14:56 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2011-04-28 15:14:54 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ielowutil.exe MOD - [2011-04-28 15:14:50 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll MOD - [2011-03-10 18:03:51 | 001,136,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll MOD - [2011-03-02 16:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011-02-19 23:03:12 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc100u.dll MOD - [2011-02-19 23:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll MOD - [2011-02-19 23:03:12 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc100enu.dll MOD - [2011-02-19 00:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll MOD - [2011-01-20 17:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2011-01-20 17:08:06 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll MOD - [2011-01-20 17:08:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll MOD - [2011-01-20 17:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2011-01-20 17:07:16 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2011-01-20 17:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-12-28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll MOD - [2010-11-04 19:55:38 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe MOD - [2010-09-13 16:46:16 | 010,628,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll MOD - [2010-09-13 14:56:41 | 008,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2010-08-31 16:43:52 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll MOD - [2010-08-26 17:37:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-06-18 18:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010-05-04 20:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-03-15 10:28:22 | 000,142,336 | ---- | M] (Alexander Roshal) -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009-12-04 19:28:51 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll MOD - [2009-10-23 18:10:19 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2009-10-01 02:02:04 | 000,334,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2009-10-01 02:02:02 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2009-10-01 02:01:59 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-09-25 03:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2009-09-25 03:07:08 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll MOD - [2009-09-25 03:04:32 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll MOD - [2009-09-10 17:48:01 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll MOD - [2009-09-04 12:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2009-08-11 17:52:46 | 000,132,608 | ---- | M] () -- C:\Program Files\Netia\Mobilny Internet\UIExec.exe MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-11 20:01:41 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-06-15 15:51:38 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-04-11 07:28:26 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll MOD - [2009-04-11 07:28:26 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll MOD - [2009-04-11 07:28:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2009-04-11 07:28:25 | 001,671,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-04-11 07:28:25 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wcncsvc.dll MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-04-11 07:28:25 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-04-11 07:28:25 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll MOD - [2009-04-11 07:28:25 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll MOD - [2009-04-11 07:28:25 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-04-11 07:28:25 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpband.dll MOD - [2009-04-11 07:28:25 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll MOD - [2009-04-11 07:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll MOD - [2009-04-11 07:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-04-11 07:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-04-11 07:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-04-11 07:28:24 | 001,576,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll MOD - [2009-04-11 07:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-04-11 07:28:24 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2009-04-11 07:28:24 | 000,203,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-04-11 07:28:23 | 003,174,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2009-04-11 07:28:23 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2009-04-11 07:28:23 | 002,225,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll MOD - [2009-04-11 07:28:23 | 001,823,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2009-04-11 07:28:23 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\onex.dll MOD - [2009-04-11 07:28:23 | 001,381,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Query.dll MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-04-11 07:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-04-11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-04-11 07:28:23 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-04-11 07:28:23 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll MOD - [2009-04-11 07:28:22 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll MOD - [2009-04-11 07:28:22 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll MOD - [2009-04-11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2009-04-11 07:28:22 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2009-04-11 07:28:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-04-11 07:28:22 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll MOD - [2009-04-11 07:28:21 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2009-04-11 07:28:21 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll MOD - [2009-04-11 07:28:20 | 002,012,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-04-11 07:28:20 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2009-04-11 07:28:20 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2009-04-11 07:28:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-04-11 07:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-04-11 07:28:20 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-04-11 07:28:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-04-11 07:28:19 | 002,134,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll MOD - [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll MOD - [2009-04-11 07:28:19 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2009-04-11 07:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll MOD - [2009-04-11 07:28:19 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-04-11 07:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-04-11 07:28:19 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll MOD - [2009-04-11 07:28:19 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll MOD - [2009-04-11 07:28:19 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-04-11 07:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-04-11 07:28:19 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll MOD - [2009-04-11 07:28:19 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll MOD - [2009-04-11 07:28:19 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll MOD - [2009-04-11 07:28:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2009-04-11 07:28:18 | 001,985,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2009-04-11 07:28:18 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll MOD - [2009-04-11 07:28:18 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll MOD - [2009-04-11 07:28:18 | 001,324,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll MOD - [2009-04-11 07:28:18 | 001,209,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll MOD - [2009-04-11 07:28:18 | 001,112,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll MOD - [2009-04-11 07:28:18 | 000,971,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-04-11 07:28:18 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll MOD - [2009-04-11 07:28:18 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll MOD - [2009-04-11 07:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-04-11 07:28:18 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credui.dll MOD - [2009-04-11 07:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-04-11 07:28:18 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-04-11 07:28:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll MOD - [2009-04-11 07:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-04-11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe MOD - [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe MOD - [2009-04-11 07:27:58 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe MOD - [2009-04-11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-04-11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe MOD - [2009-04-11 07:27:12 | 001,122,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appwiz.cpl MOD - [2009-04-11 07:27:12 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2009-04-11 07:27:12 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2009-04-11 07:27:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-02-26 16:45:38 | 000,043,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL MOD - [2009-01-12 15:50:42 | 000,271,760 | ---- | M] (Cyberlink) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapX.dll MOD - [2009-01-12 15:50:38 | 000,062,832 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuMixer.dll MOD - [2009-01-12 15:50:36 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\HP\QuickPlay\MFC71.dll MOD - [2009-01-12 15:50:36 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\HP\QuickPlay\msvcp71.dll MOD - [2009-01-12 15:50:36 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\HP\QuickPlay\msvcr71.dll MOD - [2009-01-12 15:50:08 | 000,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe MOD - [2009-01-12 15:50:06 | 000,066,856 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Helper.dll MOD - [2009-01-12 15:49:44 | 000,075,048 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\Kernel\common\CLRCEngine3.dll MOD - [2009-01-12 15:49:44 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll MOD - [2008-08-08 06:03:41 | 000,524,288 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe MOD - [2008-06-27 19:41:52 | 000,406,016 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll MOD - [2008-04-11 08:04:54 | 000,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe MOD - [2008-03-28 10:19:10 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008-03-28 10:18:58 | 000,315,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll MOD - [2008-03-28 10:05:14 | 003,074,560 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll MOD - [2008-03-28 09:51:30 | 004,088,320 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll MOD - [2008-02-04 12:29:02 | 000,688,128 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll MOD - [2008-01-21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe MOD - [2008-01-21 03:25:33 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnssci.dll MOD - [2008-01-21 03:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 03:25:26 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2008-01-21 03:25:18 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll MOD - [2008-01-21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe MOD - [2008-01-21 03:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe MOD - [2008-01-21 03:25:01 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2008-01-21 03:25:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2008-01-21 03:25:01 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nci.dll MOD - [2008-01-21 03:24:57 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll MOD - [2008-01-21 03:24:56 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2008-01-21 03:24:56 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2008-01-21 03:24:54 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll MOD - [2008-01-21 03:24:54 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2008-01-21 03:24:54 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll MOD - [2008-01-21 03:24:54 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll MOD - [2008-01-21 03:24:54 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2008-01-21 03:24:53 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2008-01-21 03:24:50 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll MOD - [2008-01-21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 03:24:48 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2008-01-21 03:24:47 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll MOD - [2008-01-21 03:24:47 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2008-01-21 03:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 03:24:46 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll MOD - [2008-01-21 03:24:46 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2008-01-21 03:24:45 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll MOD - [2008-01-21 03:24:44 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2008-01-21 03:24:41 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll MOD - [2008-01-21 03:24:41 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll MOD - [2008-01-21 03:24:39 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll MOD - [2008-01-21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 03:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdi.dll MOD - [2008-01-21 03:24:37 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2008-01-21 03:24:29 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2008-01-21 03:24:29 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2008-01-21 03:24:28 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll MOD - [2008-01-21 03:24:28 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll MOD - [2008-01-21 03:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 03:24:25 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2008-01-21 03:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 03:24:24 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll MOD - [2008-01-21 03:24:15 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll MOD - [2008-01-21 03:24:13 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2008-01-21 03:24:12 | 000,816,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll MOD - [2008-01-21 03:24:11 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2008-01-21 03:24:06 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll MOD - [2008-01-21 03:24:06 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2008-01-21 03:24:04 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2008-01-21 03:24:04 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2008-01-21 03:23:58 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll MOD - [2008-01-21 03:23:54 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll MOD - [2008-01-21 03:23:54 | 000,386,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll MOD - [2008-01-21 03:23:53 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll MOD - [2008-01-21 03:23:53 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll MOD - [2008-01-21 03:23:52 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll MOD - [2008-01-21 03:23:50 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll MOD - [2008-01-21 03:23:50 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2008-01-21 03:23:45 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2008-01-21 03:23:44 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2008-01-21 03:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2008-01-21 03:23:40 | 000,383,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll MOD - [2008-01-21 03:23:39 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll MOD - [2008-01-21 03:23:39 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\syncui.dll MOD - [2008-01-21 03:23:33 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll MOD - [2008-01-21 03:23:32 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe MOD - [2008-01-16 16:19:58 | 000,184,320 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BTNCopy.dll MOD - [2007-11-20 07:45:22 | 000,003,584 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamplk.dll MOD - [2007-11-20 06:44:58 | 000,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe MOD - [2007-09-26 05:34:40 | 000,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe MOD - [2007-05-31 08:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe MOD - [2007-05-31 08:21:18 | 000,223,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rapistub.dll MOD - [2007-05-31 08:21:04 | 000,105,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rapi.dll MOD - [2007-05-31 08:21:00 | 000,075,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ceutil.dll MOD - [2007-05-31 08:20:56 | 000,058,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdsyncman.dll MOD - [2007-05-31 08:20:28 | 000,024,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wcescommproxy.dll MOD - [2007-05-31 08:20:24 | 000,024,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rapiproxystub.dll MOD - [2006-11-02 13:35:33 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehProxy.dll MOD - [2006-11-02 13:35:21 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\wlsrvc.dll MOD - [2006-11-02 13:34:50 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2006-11-02 13:34:48 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2006-11-02 13:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2006-11-02 10:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2006-11-02 10:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll MOD - [2006-11-02 10:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll MOD - [2006-11-02 10:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2006-11-02 10:46:13 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TaskSchdPS.dll MOD - [2006-11-02 10:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll MOD - [2006-11-02 10:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll MOD - [2006-11-02 10:46:12 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pautoenr.dll MOD - [2006-11-02 10:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2006-11-02 10:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2006-11-02 10:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2006-11-02 10:46:11 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netrap.dll MOD - [2006-11-02 10:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2006-11-02 10:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2006-11-02 10:46:05 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2006-11-02 10:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2006-11-02 10:46:04 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dtsh.dll MOD - [2006-11-02 10:46:04 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdWNet.dll MOD - [2006-11-02 10:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll MOD - [2006-11-02 10:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll MOD - [2006-11-02 10:46:02 | 000,737,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2006-11-02 10:42:17 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbcint.dll MOD - [2006-11-02 09:48:55 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll MOD - [2006-11-02 09:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2005-07-22 08:21:46 | 000,032,768 | ---- | M] () -- C:\Program Files\MP3 Player Utilities 4.10\AMVConverter\AmvTransform.dll MOD - [2003-12-26 10:26:20 | 000,137,728 | ---- | M] () -- C:\Program Files\Kongsoft\Easy CD Ripper\MenuHandler.dll MOD - [2003-02-21 11:42:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll ========== Services (SafeList) ========== SRV - [2013-01-12 21:38:39 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-01-09 01:06:57 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-02-10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate) SRV - [2012-02-10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc) SRV - [2009-12-01 12:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009-08-11 17:53:08 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe -- (UI Assistant Service) SRV - [2008-06-27 19:43:24 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe -- (STacSV) SRV - [2008-03-26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService) SRV - [2008-03-26 14:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008-02-12 06:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe -- (AESTFilters) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-05-31 08:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 08:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\hp\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO) DRV - [2012-11-15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2012-10-22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012-10-18 18:24:06 | 000,097,440 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SMR311.SYS -- (SMR311) DRV - [2012-10-15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012-10-02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012-09-21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012-09-21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx) DRV - [2012-09-21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2012-09-14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2009-12-01 09:35:54 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-06-16 12:00:16 | 000,013,312 | ---- | M] (Insyde Software) [Kernel | On_Demand | Stopped] -- C:\SWSetup\SP46501\iscflash.sys -- (iscFlash) DRV - [2009-04-22 15:35:04 | 000,009,728 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2009-04-11 05:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) DRV - [2009-02-02 17:14:20 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009-02-02 17:14:20 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009-02-02 17:14:20 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009-01-12 15:50:04 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/06/09 13:04:42] [Kernel | Auto | Running] -- C:\Program Files\HP\QuickPlay\000.fcl -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) DRV - [2008-06-27 19:44:18 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008-05-02 09:58:28 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2008-05-02 09:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2008-05-02 09:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2008-05-02 09:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-04-27 10:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008-04-14 23:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s) DRV - [2008-04-14 20:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-04-01 12:14:00 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008-03-28 12:24:16 | 003,544,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008-03-27 11:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV - [2008-03-27 11:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008-03-26 17:28:08 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x) DRV - [2008-01-23 22:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008-01-07 21:42:04 | 000,015,416 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Amddfltr.sys -- (Amddfltr) DRV - [2007-08-13 03:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT) DRV - [2007-07-11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007-06-18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007-02-16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2006-11-02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006-10-29 21:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{E673692D-D93A-4A1E-917C-CD4A05605833}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes\{9B3712E9-B972-413D-A123-3801D4192562}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes\{9B3712E9-B972-413D-A123-3801D4192562}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-168299090-1096314759-280584690-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.7 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010-06-24 13:06:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-22 10:33:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-01-24 00:48:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\firefoxext [2010-06-24 13:06:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-22 10:33:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-01-24 00:48:43 | 000,000,000 | ---D | M] [2010-10-12 17:11:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\Mozilla\Extensions [2013-01-25 12:30:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\extensions [2010-10-16 21:58:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-01-22 10:33:22 | 000,000,000 | ---D | M] (SaveAs) -- C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\extensions\50f33bceb0eed@50f33bceb0f27.com [2012-12-20 00:06:35 | 002,151,598 | ---- | M] () (No name found) -- C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\extensions\firebug@software.joehewitt.com.xpi [2012-08-25 21:53:38 | 000,341,143 | ---- | M] () (No name found) -- C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2013-01-24 00:48:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-01-22 10:33:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-01-24 00:48:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2013-01-12 21:38:39 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll ========== Chrome ========== CHR - homepage: http://websearch.just-browse.info/ CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidphlojnhblpolbjemjnpadploaalhl\1\ O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (SaveAs) - {562611BF-554D-C7EF-43BA-85EE2DD1CD7E} - C:\ProgramData\SaveAs\50f33bceb1080.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [MDS_Menu] C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Olympus ib] C:\Program Files\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [UIExec] C:\Program Files\Netia\Mobilny Internet\UIExec.exe () O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-168299090-1096314759-280584690-1000..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-168299090-1096314759-280584690-1000..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-168299090-1096314759-280584690-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38) O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19E04987-082A-4DDC-A462-1F40C8DA516E}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFCF1368-503C-4ECF-9FBA-C39CD157AF40}: NameServer = 87.204.204.204,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCC5C337-101A-44DC-9D74-F2D51D9DCD91}: NameServer = 87.204.204.204,8.8.8.8 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\hp\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2013-01-25 11:29:02 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2013-01-25 11:29:02 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ========== Files/Folders - Created Within 30 Days ========== [2013-01-25 11:29:02 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2013-01-25 11:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune [2013-01-25 11:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune [2013-01-25 11:20:46 | 000,642,632 | ---- | C] (EFD Software ) -- C:\Users\hp\Desktop\hdtune_255.exe [2013-01-24 01:10:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo [2013-01-24 01:10:36 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo [2013-01-24 00:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013-01-24 00:42:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2013-01-24 00:41:13 | 000,000,000 | ---D | C] -- C:\Config.Msi [2013-01-24 00:32:38 | 000,000,000 | ---D | C] -- C:\UsbFix [2013-01-24 00:09:29 | 000,000,000 | ---D | C] -- C:\_OTL [2013-01-22 18:39:08 | 000,000,000 | ---D | C] -- C:\Boot [2013-01-22 17:14:46 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\MigWiz [2013-01-22 16:05:08 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\AVG2013 [2013-01-22 16:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013-01-22 16:03:45 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\TuneUp Software [2013-01-22 15:59:23 | 000,000,000 | ---D | C] -- C:\$AVG [2013-01-22 15:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2013-01-22 15:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2013-01-22 15:39:49 | 000,000,000 | ---D | C] -- C:\found.000 [2013-01-22 15:29:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013-01-22 15:29:33 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\MFAData [2013-01-22 15:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013-01-22 15:29:33 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\Avg2013 [2013-01-22 14:30:10 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Instalki [2013-01-22 14:28:13 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Zdjęcia [2013-01-22 14:25:58 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\World [2013-01-22 14:24:32 | 000,000,000 | ---D | C] -- C:\Users\hp\Desktop\Programy [2013-01-22 14:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2013-01-22 14:07:16 | 000,000,000 | ---D | C] -- C:\rsit [2013-01-22 13:50:22 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Optimizer Pro [2013-01-22 13:27:54 | 000,000,000 | R--D | C] -- C:\Users\hp\Desktop\Nowy folder [2013-01-19 14:26:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013-01-19 14:26:08 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013-01-13 23:42:09 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DownTango [2013-01-13 23:40:44 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\DownTango [2013-01-13 23:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Red Sky [2013-01-13 23:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Cloud Software LTD [2013-01-13 23:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro [2013-01-13 23:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro [2013-01-12 21:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox(9) [2013-01-12 21:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-01-04 15:42:05 | 000,000,000 | ---D | C] -- C:\Users\hp\Documents\Zatrudnienie [2010-06-09 18:03:27 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe [2010-06-09 18:03:06 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe [2010-06-09 18:02:44 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe [2010-06-09 18:02:23 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe [2010-06-09 18:01:56 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe ========== Files - Modified Within 30 Days ========== [2013-01-25 13:05:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-01-25 13:02:46 | 004,980,736 | -HS- | M] () -- C:\Users\hp\ntuser.dat [2013-01-25 13:02:08 | 001,495,500 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2013-01-25 13:02:08 | 000,672,390 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2013-01-25 13:02:08 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013-01-25 13:02:08 | 000,130,766 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2013-01-25 13:02:08 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013-01-25 12:57:56 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-01-25 12:36:40 | 000,000,269 | ---- | M] () -- C:\ProgramData\hpqp.ini [2013-01-25 12:35:34 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-01-25 12:35:01 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013-01-25 12:35:00 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013-01-25 12:34:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2013-01-25 12:34:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-01-25 12:34:45 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys [2013-01-25 12:31:57 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013-01-25 12:31:53 | 000,524,288 | -HS- | M] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TMContainer00000000000000000002.regtrans-ms [2013-01-25 12:31:53 | 000,065,536 | -HS- | M] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TM.blf [2013-01-25 12:31:50 | 003,776,338 | -H-- | M] () -- C:\Users\hp\AppData\Local\IconCache.db [2013-01-25 11:50:24 | 000,011,341 | ---- | M] () -- C:\Users\hp\Desktop\Bez tytułu1.jpg [2013-01-25 11:29:03 | 000,009,907 | ---- | M] () -- C:\UsbFix_Upload_Me_HP-PC.zip [2013-01-25 11:24:45 | 000,241,206 | ---- | M] () -- C:\Users\hp\Desktop\Bez tytułu.jpg [2013-01-25 09:49:39 | 000,642,632 | ---- | M] (EFD Software ) -- C:\Users\hp\Desktop\hdtune_255.exe [2013-01-24 01:10:37 | 000,001,804 | ---- | M] () -- C:\Users\hp\Desktop\CrystalDiskInfo Shizuku Edition.lnk [2013-01-24 01:10:37 | 000,001,765 | ---- | M] () -- C:\Users\hp\Desktop\CrystalDiskInfo.lnk [2013-01-24 00:44:12 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013-01-23 23:31:25 | 000,001,356 | ---- | M] () -- C:\Users\hp\AppData\Local\d3d9caps.dat [2013-01-22 18:19:07 | 000,001,887 | ---- | M] () -- C:\Windows\diagwrn.xml [2013-01-22 18:19:07 | 000,001,887 | ---- | M] () -- C:\Windows\diagerr.xml [2013-01-22 18:18:51 | 000,008,192 | ---- | M] () -- C:\BOOTSECT.BAK [2013-01-22 16:03:47 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2013-01-22 13:29:11 | 000,050,176 | ---- | M] () -- C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-12 18:04:33 | 000,001,971 | ---- | M] () -- C:\Users\hp\Desktop\Google Chrome.lnk [2013-01-09 18:25:47 | 000,304,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013-01-08 18:58:04 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForhp.job [2013-01-05 20:10:52 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\AppleSoftwareUpdate.job ========== Files Created - No Company Name ========== [2013-01-25 11:29:54 | 000,011,341 | ---- | C] () -- C:\Users\hp\Desktop\Bez tytułu1.jpg [2013-01-25 11:29:02 | 000,009,907 | ---- | C] () -- C:\UsbFix_Upload_Me_HP-PC.zip [2013-01-25 11:24:44 | 000,241,206 | ---- | C] () -- C:\Users\hp\Desktop\Bez tytułu.jpg [2013-01-24 01:10:37 | 000,001,804 | ---- | C] () -- C:\Users\hp\Desktop\CrystalDiskInfo Shizuku Edition.lnk [2013-01-24 01:10:37 | 000,001,765 | ---- | C] () -- C:\Users\hp\Desktop\CrystalDiskInfo.lnk [2013-01-24 00:44:12 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013-01-24 00:44:11 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013-01-22 18:47:06 | 3218,956,288 | -HS- | C] () -- C:\hiberfil.sys [2013-01-22 18:18:50 | 000,008,192 | ---- | C] () -- C:\BOOTSECT.BAK [2013-01-22 17:13:55 | 000,001,887 | ---- | C] () -- C:\Windows\diagwrn.xml [2013-01-22 17:13:55 | 000,001,887 | ---- | C] () -- C:\Windows\diagerr.xml [2013-01-22 16:03:47 | 000,000,872 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2013-01-19 14:35:48 | 003,776,338 | -H-- | C] () -- C:\Users\hp\AppData\Local\IconCache.db [2013-01-13 23:40:57 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe [2012-06-26 22:08:19 | 003,672,770 | ---- | C] () -- C:\Users\hp\Scan.jpg [2011-02-22 21:42:09 | 000,524,288 | -HS- | C] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TMContainer00000000000000000002.regtrans-ms [2011-02-22 21:42:09 | 000,524,288 | -HS- | C] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TMContainer00000000000000000001.regtrans-ms [2011-02-22 21:42:09 | 000,065,536 | -HS- | C] () -- C:\Users\hp\ntuser.dat{e48cd4d3-3ec0-11e0-8dd0-00218673ca54}.TM.blf [2011-01-17 21:38:41 | 003,682,304 | ---- | C] () -- C:\Users\hp\s-1-5-21-168299090-1096314759-280584690-1000.rrr [2010-09-01 23:30:51 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2010-07-01 18:14:35 | 000,001,356 | ---- | C] () -- C:\Users\hp\AppData\Local\d3d9caps.dat [2010-06-21 21:47:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-06-21 09:10:24 | 000,050,176 | ---- | C] () -- C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-09 12:04:42 | 000,000,269 | ---- | C] () -- C:\ProgramData\hpqp.ini [2009-12-02 13:45:59 | 000,071,528 | ---- | C] () -- C:\Users\hp\AppData\Local\GDIPFONTCACHEV1.DAT [2009-12-02 13:33:48 | 000,524,288 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2009-12-02 13:33:48 | 000,524,288 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2009-12-02 13:33:48 | 000,065,536 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2009-12-02 13:33:48 | 000,000,020 | -HS- | C] () -- C:\Users\hp\ntuser.ini [2009-12-02 13:33:47 | 004,980,736 | -HS- | C] () -- C:\Users\hp\ntuser.dat ========== ZeroAccess Check ========== [2006-11-02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== ========== Purity Check ========== ========== Custom Scans ========== < %systemdrive%\*.* > [2013-01-24 00:24:36 | 000,007,500 | ---- | M] () -- C:\AdwCleaner[S1].txt [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-04-11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2013-01-22 18:18:51 | 000,008,192 | ---- | M] () -- C:\BOOTSECT.BAK [2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2013-01-25 12:34:45 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys [2010-11-24 01:52:44 | 000,000,000 | ---- | M] () -- C:\IO.SYS [2010-11-24 01:52:44 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS [2009-07-07 09:30:20 | 000,000,628 | ---- | M] () -- C:\NetworkCfg.xml [2013-01-25 12:34:42 | 3532,742,656 | -HS- | M] () -- C:\pagefile.sys [2013-01-25 11:31:17 | 000,014,165 | ---- | M] () -- C:\UsbFix.txt [2013-01-25 11:29:03 | 000,009,907 | ---- | M] () -- C:\UsbFix_Upload_Me_HP-PC.zip [2011-04-22 14:07:31 | 000,002,304 | ---- | M] () -- C:\{1D71C8FF-B0CB-4B02-ACE8-C5B28E796AC3} [2011-10-13 23:29:09 | 000,002,472 | ---- | M] () -- C:\{26925EF2-CB29-4FBC-A1FE-4774A5684C0B} [2011-04-22 18:30:21 | 000,002,368 | ---- | M] () -- C:\{52115126-C1B5-4AE3-8468-CAD2C9435483} [2011-03-08 13:36:28 | 000,002,368 | ---- | M] () -- C:\{5AF059B7-2BDF-46DC-AC9C-7538B06A6E50} [2011-03-08 13:38:44 | 000,002,448 | ---- | M] () -- C:\{9082D02F-1EB8-4D22-9A39-596CF1B20947} [2011-04-22 16:00:20 | 000,002,440 | ---- | M] () -- C:\{B125525A-B702-4787-90E8-615F34CD2AB3} [2011-04-22 14:11:52 | 000,002,480 | ---- | M] () -- C:\{C0489287-CEEC-43E5-9051-51773D5EBBBB} < MD5 for: AGP440.SYS > [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\ProgramData\SMR311\Archive\agp440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Users\All Users\SMR311\Archive\agp440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\$WINDOWS.~BT\Windows\System32\drivers\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\ProgramData\SMR311\Archive\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\All Users\SMR311\Archive\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\$WINDOWS.~BT\Windows\System32\drivers\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: BEEP.SYS > [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\ProgramData\SMR311\Archive\Beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Users\All Users\SMR311\Archive\Beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys < MD5 for: CDROM.SYS > [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\ProgramData\SMR311\Archive\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\All Users\SMR311\Archive\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\$WINDOWS.~BT\Windows\System32\drivers\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys < MD5 for: EVENTLOG.DLL > [2007-01-12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll < MD5 for: NDIS.SYS > [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\ProgramData\SMR311\Archive\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Users\All Users\SMR311\Archive\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2006-11-02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\$WINDOWS.~BT\Windows\System32\drivers\ndis.sys [2008-01-21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys < MD5 for: WINLOGON.EXE > [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2006-11-02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\$WINDOWS.~BT\Windows\System32\winlogon.exe [2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:2EDB1FD6807D48C4 @Alternate Data Stream - 168 bytes -> C:\ProgramData\Temp:D1B5B4F1 @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:373E1720 < End of report > [/spoiler] LOG [spoiler]Logfile of random's system information tool 1.09 (written by random/random) Run by hp at 2013-01-25 13:15:51 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 109 GB (37%) free of 297 GB Total RAM: 3069 MB (59% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\AppleSoftwareUpdate.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForhp.job =========Mozilla firefox========= ProfilePath - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default "{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "otis@digitalpersona.com"=C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.5.502.146 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38] "Description"= "Path"=C:\Windows\system32\npdeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448] "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In "Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448] "Description"=6.0.12.448 "Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files\Mozilla Firefox\plugins\ nppdf32.DEU nppdf32.dll nppdf32.FRA nppdf32.JPN C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\oeq2cna0.default\extensions\ 50f33bceb0eed@50f33bceb0f27.com {20a82645-c095-46ed-80e3-08825760534b} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{562611BF-554D-C7EF-43BA-85EE2DD1CD7E}] SaveAs - C:\ProgramData\SaveAs\50f33bceb1080.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-01-24 329712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-01-24 59376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll [2010-05-04 42080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-02-03 1185120] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752] "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2009-01-12 468264] "Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2008-08-08 524288] "UIExec"=C:\Program Files\Netia\Mobilny Internet\UIExec.exe [2009-08-11 132608] "Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072] "Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2012-02-02 96128] "MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104] "AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2012-12-11 3147384] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "IPLA!"=C:\Program Files\ipla\ipla.exe [2012-11-23 20857328] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] "Optimizer Pro"=C:\Program Files\Optimizer Pro\OptProLauncher.exe [2012-10-21 81952] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli DPPWDFLT [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "DisableStatusMessages"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0 "NoDriveAutoRun"=3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 "NoDriveAutoRun"=3 "NoDriveTypeAutoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.l3codecp"=l3codecp.acm "msacm.siren"=sirenacm.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv "VIDC.FFDS"=ff_vfw.dll "vidc.XVID"=xvidvfw.dll "msacm.ac3filter"=ac3filter.acm "msacm.avis"=ff_acm.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "msacm.l3fhg"=mp3fhg.acm "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-01-25 11:29:02 ----RASHD---- C:\Autorun.inf 2013-01-25 11:21:17 ----D---- C:\Program Files\HD Tune 2013-01-24 01:10:36 ----D---- C:\Program Files\CrystalDiskInfo 2013-01-24 00:49:35 ----D---- C:\Program Files\Common Files\Java 2013-01-24 00:48:43 ----A---- C:\Windows\system32\npdeployJava1.dll 2013-01-24 00:48:43 ----A---- C:\Windows\system32\javaws.exe 2013-01-24 00:48:43 ----A---- C:\Windows\system32\javaw.exe 2013-01-24 00:48:43 ----A---- C:\Windows\system32\java.exe 2013-01-24 00:42:00 ----D---- C:\Program Files\Common Files\Adobe 2013-01-24 00:41:13 ----D---- C:\Config.Msi 2013-01-24 00:32:41 ----A---- C:\UsbFix.txt 2013-01-24 00:32:38 ----D---- C:\UsbFix 2013-01-24 00:24:28 ----N---- C:\AdwCleaner[S1].txt 2013-01-24 00:09:29 ----D---- C:\_OTL 2013-01-22 18:47:06 ----ASH---- C:\hiberfil.sys 2013-01-22 18:39:08 ----D---- C:\Boot 2013-01-22 18:18:50 ----N---- C:\BOOTSECT.BAK 2013-01-22 17:13:00 ----A---- C:\Windows\ntbtlog.txt 2013-01-22 16:05:08 ----D---- C:\Users\hp\AppData\Roaming\AVG2013 2013-01-22 16:03:45 ----D---- C:\Users\hp\AppData\Roaming\TuneUp Software 2013-01-22 15:59:23 ----D---- C:\$AVG 2013-01-22 15:59:22 ----D---- C:\ProgramData\AVG2013 2013-01-22 15:57:24 ----D---- C:\Program Files\AVG 2013-01-22 15:39:49 ----D---- C:\found.000 2013-01-22 15:29:33 ----HD---- C:\ProgramData\Common Files 2013-01-22 15:29:33 ----D---- C:\ProgramData\MFAData 2013-01-22 14:07:17 ----D---- C:\Program Files\trend micro 2013-01-22 14:07:16 ----D---- C:\rsit 2013-01-22 13:50:22 ----D---- C:\Users\hp\AppData\Roaming\Optimizer Pro 2013-01-19 14:26:14 ----D---- C:\Windows\Minidump 2013-01-19 14:26:08 ----D---- C:\Windows\Prefetch 2013-01-13 23:40:57 ----A---- C:\Windows\Launcher.exe 2013-01-13 23:40:37 ----D---- C:\Program Files\Red Sky 2013-01-13 23:36:33 ----D---- C:\ProgramData\Cloud Software LTD 2013-01-13 23:36:08 ----D---- C:\Program Files\Optimizer Pro 2013-01-12 21:38:26 ----D---- C:\Program Files\Mozilla Firefox(9) 2013-01-12 21:38:26 ----D---- C:\Program Files\Mozilla Firefox 2013-01-09 16:05:28 ----A---- C:\Windows\system32\win32k.sys 2013-01-09 16:05:08 ----A---- C:\Windows\system32\ncrypt.dll 2013-01-09 16:05:07 ----A---- C:\Windows\system32\shlwapi.dll 2013-01-09 16:04:12 ----A---- C:\Windows\system32\msxml6.dll ======List of files/folders modified in the last 1 month====== 2013-01-25 13:15:53 ----D---- C:\Windows\Temp 2013-01-25 13:02:08 ----D---- C:\Windows\System32 2013-01-25 13:02:08 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-01-25 13:02:07 ----D---- C:\Windows\inf 2013-01-25 12:36:51 ----D---- C:\Users\hp\AppData\Roaming\ipla 2013-01-25 12:36:40 ----A---- C:\ProgramData\hpqp.ini 2013-01-25 11:27:35 ----SHD---- C:\$Recycle.Bin 2013-01-25 11:21:17 ----D---- C:\Program Files 2013-01-24 01:27:37 ----SHD---- C:\System Volume Information 2013-01-24 00:49:42 ----SHD---- C:\Windows\Installer 2013-01-24 00:49:35 ----D---- C:\Program Files\Common Files 2013-01-24 00:48:33 ----A---- C:\Windows\system32\deployJava1.dll 2013-01-24 00:43:16 ----D---- C:\ProgramData\Adobe 2013-01-24 00:42:00 ----D---- C:\Program Files\Adobe 2013-01-24 00:41:38 ----D---- C:\Windows\winsxs 2013-01-24 00:24:28 ----HD---- C:\ProgramData 2013-01-24 00:18:19 ----D---- C:\Windows 2013-01-24 00:01:14 ----D---- C:\Program Files\Java 2013-01-23 23:36:18 ----D---- C:\Users\hp\AppData\Roaming\GG 2013-01-22 17:24:16 ----D---- C:\Users\hp\AppData\Roaming\Skype 2013-01-22 16:51:12 ----D---- C:\Users\hp\AppData\Roaming\Media Player Classic 2013-01-22 16:50:13 ----D---- C:\Windows\panther 2013-01-22 16:50:13 ----D---- C:\Windows\ModemLogs 2013-01-22 16:50:11 ----D---- C:\Windows\Logs 2013-01-22 16:50:11 ----D---- C:\Windows\Debug 2013-01-22 16:03:35 ----D---- C:\Windows\system32\drivers 2013-01-22 15:57:20 ----D---- C:\Windows\system32\catroot2 2013-01-22 15:31:00 ----D---- C:\Program Files\Common Files\Symantec Shared 2013-01-22 15:30:58 ----D---- C:\Windows\system32\Tasks 2013-01-22 15:09:17 ----AD---- C:\ProgramData\Temp 2013-01-22 10:33:31 ----D---- C:\Windows\system32\config 2013-01-22 10:33:22 ----SD---- C:\Windows\Downloaded Program Files 2013-01-22 10:33:22 ----D---- C:\Windows\Tasks 2013-01-22 10:33:22 ----D---- C:\Windows\system32\spool 2013-01-22 10:33:22 ----D---- C:\Windows\system32\Msdtc 2013-01-22 10:33:22 ----D---- C:\Windows\system32\CodeIntegrity 2013-01-22 10:33:18 ----D---- C:\Program Files\Mozilla Maintenance Service 2013-01-22 10:33:14 ----D---- C:\Windows\system32\wbem 2013-01-22 10:33:14 ----D---- C:\Windows\registration 2013-01-17 22:16:31 ----A---- C:\ProgramData\hpqp.txt 2013-01-09 19:55:12 ----D---- C:\Windows\Microsoft.NET 2013-01-09 19:55:10 ----RSD---- C:\Windows\assembly 2013-01-09 16:30:23 ----D---- C:\ProgramData\Microsoft Help 2013-01-09 16:08:51 ----A---- C:\Windows\system32\mrt.exe 2013-01-09 16:04:53 ----D---- C:\Windows\system32\catroot 2013-01-09 01:06:52 ----A---- C:\Windows\system32\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-04-14 170000] R0 Amddfltr;Amd Disk Lower Filter Driver; C:\Windows\system32\DRIVERS\Amddfltr.sys [2008-01-07 15416] R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-29 7680] R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-10-15 55776] R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2012-09-21 177376] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2012-11-15 94048] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-09-14 35552] R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2008-03-27 24424] R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] R0 SMR311;Symantec SMR Utility Service 3.1.1; C:\Windows\System32\drivers\SMR311.SYS [2012-10-18 97440] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2012-10-22 179936] R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2012-09-21 19936] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-10-02 159712] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-09-21 164832] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232] R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};Power Control [2010/06/09 13:04:42]; \??\C:\Program Files\HP\QuickPlay\000.fcl [2009-01-12 87536] R2 RMCAST;Sterownik protokołu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664] R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 5120] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064] R3 BthEnum;Usługa wyliczania Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] R3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] R3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208] R3 btwaudio;Urz¹dzenie dŸwiêkowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424] R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936] R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168] R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736] R3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296] R3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936] R3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [] S3 ALSysIO;ALSysIO; \??\C:\Users\hp\AppData\Local\Temp\ALSysIO.sys [] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272] S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-01 102912] S3 iscFlash;iscFlash; \??\C:\SwSetup\SP46501\iscflash.sys [2009-06-16 13312] S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-04-22 9728] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-05-02 17536] S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064] S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-02-02 104960] S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2009-02-02 105344] S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2009-02-02 104960] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192] R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [2008-02-12 73728] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-01 322624] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728] R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2009-01-12 292216] R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2009-01-12 116080] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273] R2 UI Assistant Service;UI Assistant Service; C:\Program Files\Netia\Mobilny Internet\AssistantServices.exe [2009-08-11 241664] R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832] S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-14 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400] S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-14 136176] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-12 115760] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF----------------- [/spoiler]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.