Komputer bardzo zamula - włącza sie bardzo długo

**Posty:** 256 · przez **pawel1979** 20 Kwi 2011, 20:41

Witam,

Mam ostatnio problem komputer bardzo zamula i często potrzebny restart aby wróciło wszystko do normy ( najczęściej net zamula ) podczas robienia Loga z GMERA wyskakuje błąd i przerywa skanowanie, program emulującego + sptd.sys brak.
Dodatkowo zrobiłem Loga z SysProt:

Kod: Zaznacz wszystko: OTL logfile created on: 2011-04-20 20:09:37 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Pawel\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000415 | Country: Polen | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 63,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 224,04 Gb Total Space | 57,03 Gb Free Space | 25,45% Space Free | Partition Type: NTFS Drive D: | 116,50 Gb Total Space | 86,11 Gb Free Space | 73,91% Space Free | Partition Type: NTFS Drive E: | 8,84 Gb Total Space | 3,11 Gb Free Space | 35,14% Space Free | Partition Type: NTFS Drive G: | 116,38 Gb Total Space | 84,03 Gb Free Space | 72,20% Space Free | Partition Type: NTFS Computer Name: COM | User Name: Pawel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-04-20 20:05:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Pawel\Downloads\OTL(2).exe PRC - [2011-04-14 00:02:36 | 000,161,336 | ---- | M] (Google) -- C:\Users\Pawel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe PRC - [2011-04-01 10:31:39 | 002,271,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2011-03-24 11:23:53 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-02-25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE PRC - [2010-11-22 10:54:34 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe PRC - [2010-11-22 10:54:34 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe PRC - [2010-10-01 22:38:17 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PRC - [2010-03-29 21:26:00 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE PRC - [2009-07-03 15:45:24 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe PRC - [2009-06-03 14:46:36 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-04-17 19:13:44 | 005,750,784 | ---- | M] () -- c:\xampp\mysql\bin\mysqld-nt.exe PRC - [2007-10-25 01:02:16 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007-10-25 01:02:14 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007-09-20 11:12:02 | 000,671,744 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe PRC - [2007-09-20 11:02:58 | 000,299,008 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe PRC - [2007-09-05 18:25:04 | 000,204,800 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe PRC - [2007-09-05 13:09:54 | 001,620,520 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2007-09-05 13:09:54 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-04-20 20:05:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Pawel\Downloads\OTL(2).exe MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-04-01 10:31:39 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011-03-30 22:07:31 | 003,229,784 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_a35e6b9.dll -- (Akamai) SRV - [2011-02-28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-02-25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010-11-22 10:54:34 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvany.exe -- (KMService) SRV - [2010-08-18 17:27:41 | 000,311,680 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2010-05-25 12:38:06 | 000,613,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-03-25 11:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-06-03 14:46:36 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009-01-29 17:54:44 | 000,102,400 | ---- | M] (PacketVideo) [On_Demand | Stopped] -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia) SRV - [2008-04-17 19:13:44 | 005,750,784 | ---- | M] () [Auto | Running] -- c:\xampp\mysql\bin\mysqld-nt.exe -- (mysql) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-10-25 01:02:16 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2007-09-20 11:02:58 | 000,299,008 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2007-09-05 18:25:04 | 000,204,800 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV) SRV - [2007-03-05 10:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-10-15 16:17:27 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009-10-09 19:46:07 | 000,280,592 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2009-10-03 07:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009-06-15 14:01:00 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1) DRV - [2009-05-16 20:59:34 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-05-15 18:50:22 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2009-02-05 19:39:08 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiWinAcc.sys -- (SiFilter) DRV - [2009-02-05 19:39:00 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiRemFil.sys -- (SiRemFil) DRV - [2009-02-05 19:38:24 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Si3531.sys -- (Si3531) DRV - [2008-12-15 20:41:32 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg) DRV - [2008-11-17 16:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-01-21 04:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV - [2007-10-24 08:08:28 | 000,305,152 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\averhbtv.sys -- (AVerHybrid) AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM) DRV - [2007-09-05 18:25:32 | 000,348,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007-08-28 15:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) DRV - [2007-06-28 17:09:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Stuurprogramma voor Intel(R) DRV - [2007-06-20 13:49:06 | 000,049,664 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir) DRV - [2007-03-21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007-02-24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007-01-23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006-11-30 11:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2006-11-02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006-06-28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=81&bd=Pavilion&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=81&bd=Pavilion&pf=laptop IE - HKLM\..\URLSearchHook: {c0766b46-82cf-4d08-b47e-a4b85928028b} - C:\Program Files\SeeToo_for_Justin.tv\tbSee1.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=81&bd=Pavilion&pf=laptop IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.e-holandia.info/ IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\..\URLSearchHook: {c0766b46-82cf-4d08-b47e-a4b85928028b} - C:\Program Files\SeeToo_for_Justin.tv\tbSee1.dll (Conduit Ltd.) IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.e-holandia.info/" FF - prefs.js..extensions.enabledItems: SignPlugin@bph.pl:1.4.0.3 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4 FF - prefs.js..extensions.enabledItems: facepad@lazyrussian.com:0.9.0 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463 FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 4 FF - prefs.js..extensions.enabledItems: 9 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: nl-NL@dictionaries.addons.mozilla.org:3.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009-03-11 10:51:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-06-12 23:26:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011-04-14 19:18:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-24 11:24:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-25 11:35:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-01-10 10:18:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2009-10-09 19:46:57 | 000,000,000 | ---D | M] [2009-05-17 16:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pawel\AppData\Roaming\mozilla\Extensions [2009-05-17 16:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pawel\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011-04-19 20:45:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions [2010-03-26 21:59:52 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010-04-28 08:03:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-03-12 09:33:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-01-07 21:02:34 | 000,000,000 | ---D | M] (FacePAD: Facebook Photo Album Downloader) -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions\facepad@lazyrussian.com [2011-02-06 22:00:56 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions\firebug@software.joehewitt.com [2009-11-10 15:33:22 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions\firefox@tvunetworks.com [2010-11-26 16:26:07 | 000,000,000 | ---D | M] (Woordenboek Nederlands) -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions\nl-NL@dictionaries.addons.mozilla.org [2009-01-24 13:05:16 | 000,000,000 | ---D | M] ("SeeToo Addon") -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions\seetooaddon@seetoo.com [2011-04-15 19:26:45 | 000,000,000 | ---D | M] (BPH Sign Plugin) -- C:\Users\Pawel\AppData\Roaming\mozilla\Firefox\Profiles\q59p8oks.default\extensions\SignPlugin@bph.pl [2011-02-16 08:58:22 | 000,001,834 | ---- | M] () -- C:\Users\Pawel\AppData\Roaming\Mozilla\Firefox\Profiles\q59p8oks.default\searchplugins\bing.xml [2011-03-10 09:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-08-14 12:20:36 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-05-17 08:15:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-08-10 08:48:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-12-11 13:47:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-03-10 09:48:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2009-10-09 19:48:10 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2011-02-02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2011-03-24 11:23:59 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-03-24 11:23:59 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-03-24 11:23:59 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-03-24 11:23:59 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-03-24 11:23:59 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-03-24 11:23:59 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll (Google Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SeeToo for Justin.tv Toolbar) - {c0766b46-82cf-4d08-b47e-a4b85928028b} - C:\Program Files\SeeToo_for_Justin.tv\tbSee1.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (SeeToo for Justin.tv Toolbar) - {c0766b46-82cf-4d08-b47e-a4b85928028b} - C:\Program Files\SeeToo_for_Justin.tv\tbSee1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\..\Toolbar\WebBrowser: (SeeToo for Justin.tv Toolbar) - {C0766B46-82CF-4D08-B47E-A4B85928028B} - C:\Program Files\SeeToo_for_Justin.tv\tbSee1.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [HP Health Check Scheduler] File not found O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-148305267-3469724838-3929971888-1000..\Run: [AdobeBridge] File not found O4 - Startup: C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O8 - Extra context menu item: &AOL-werkbalk Search - c:\Program Files\AOL\AOL Toolbar 5.0\resources\nl-NL\local\search.html () O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM () O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM () O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Flash Movie Extractor Scout - {30C4B686-5ECF-4492-B1F8-A4CC8659F6B8} - C:\Program Files\Flash Movie Extractor Scout\flashextract.exe () O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} http://www.seetoo.com/downloadAddon.php?platform=Win32&browser=ie&ref=justintv&c=cebe24e087a1e4be1&browserVersion=7.0 (SeeTooControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: Justin.tv Publisher http://www.justin.tv/plugins/justintv_publisher.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O24 - Desktop WallPaper: C:\Users\Pawel\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Pawel\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005-09-11 17:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ] O33 - MountPoints2\{2186c4d4-7681-11de-86d6-00218688aae0}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe O33 - MountPoints2\{52e44cad-ba73-11de-8b34-00218688aae0}\Shell - "" = AutoRun O33 - MountPoints2\{52e44cad-ba73-11de-8b34-00218688aae0}\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\{c82bfbfc-1611-11df-90de-00218688aae0}\Shell\AutoRun\command - "" = H:\SanDiskMediaManager.EXE O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-04-15 21:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipDiscount [2011-04-15 21:50:15 | 000,000,000 | ---D | C] -- C:\Program Files\VoipDiscount.com [2011-04-14 19:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2011-04-14 19:14:44 | 000,000,000 | ---D | C] -- C:\Windows\hpoj6500e709 [2011-04-14 19:12:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP [2011-04-14 19:11:47 | 000,271,704 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll [2011-04-14 19:11:38 | 000,118,272 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpf3l082.dll [2011-04-14 07:53:06 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011-04-14 07:53:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011-04-14 07:53:00 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-04-14 07:53:00 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011-04-14 07:53:00 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011-04-14 07:53:00 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011-04-14 07:53:00 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011-04-14 07:53:00 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011-04-14 07:53:00 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011-04-14 07:53:00 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011-04-14 07:53:00 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-04-14 07:53:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011-04-14 07:53:00 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011-04-14 07:53:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011-04-14 07:53:00 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011-04-14 07:53:00 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011-04-14 07:53:00 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011-04-14 07:53:00 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-04-14 07:53:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011-04-14 07:52:56 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011-04-14 07:52:56 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011-04-14 07:52:52 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011-04-14 07:52:49 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011-04-14 07:52:47 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011-04-14 07:52:47 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011-04-03 22:47:26 | 000,000,000 | ---D | C] -- C:\Users\Pawel\AppData\Roaming\RDRM [2011-04-01 17:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przyspiesz Komputer [2011-04-01 17:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Przyspiesz Komputer [2011-03-26 01:48:06 | 004,284,416 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr [2011-03-23 11:29:55 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011-03-23 11:29:55 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Pawel\Documents\*.tmp files -> C:\Users\Pawel\Documents\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-04-20 20:14:46 | 008,126,464 | -HS- | M] () -- C:\Users\Pawel\NTUSER.DAT [2011-04-20 20:12:43 | 000,000,454 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{90D02365-83B7-4FE5-A4C0-F25F6E1B916C}.job [2011-04-20 19:55:39 | 000,005,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-04-20 19:55:39 | 000,005,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-04-20 19:37:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-148305267-3469724838-3929971888-1000UA.job [2011-04-20 19:35:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-04-20 19:30:42 | 001,517,030 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2011-04-20 19:30:42 | 000,672,434 | ---- | M] () -- C:\Windows\System32\perfh013.dat [2011-04-20 19:30:42 | 000,602,550 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-04-20 19:30:42 | 000,132,820 | ---- | M] () -- C:\Windows\System32\perfc013.dat [2011-04-20 19:30:42 | 000,107,428 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-04-20 18:59:54 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011-04-20 18:57:45 | 000,000,250 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2011-04-20 18:54:22 | 000,048,175 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-04-20 18:54:15 | 000,048,175 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-04-20 18:54:12 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-04-20 18:54:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011-04-20 18:54:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-04-20 18:54:02 | 3220,496,384 | -HS- | M] () -- C:\hiberfil.sys [2011-04-20 18:50:58 | 003,188,549 | -H-- | M] () -- C:\Users\Pawel\AppData\Local\IconCache.db [2011-04-20 07:23:15 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-04-20 07:23:13 | 000,524,288 | -HS- | M] () -- C:\Users\Pawel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2011-04-20 07:23:13 | 000,065,536 | -HS- | M] () -- C:\Users\Pawel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2011-04-19 21:50:12 | 000,049,664 | ---- | M] () -- C:\Users\Pawel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-04-18 21:47:06 | 000,000,132 | ---- | M] () -- C:\Users\Pawel\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG [2011-04-18 13:37:00 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-148305267-3469724838-3929971888-1000Core.job [2011-04-18 08:41:00 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011-04-15 22:19:13 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk [2011-04-15 21:50:17 | 000,000,947 | ---- | M] () -- C:\Users\Pawel\Desktop\VoipDiscount.lnk [2011-04-15 08:09:01 | 003,801,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-04-14 20:47:20 | 000,000,981 | ---- | M] () -- C:\Users\Pawel\Documents\priv.pem [2011-04-14 20:46:32 | 000,001,398 | ---- | M] () -- C:\Users\Pawel\Documents\cert.cer [2011-04-14 19:20:23 | 000,186,533 | ---- | M] () -- C:\Windows\hpwins23.dat [2011-04-14 19:19:58 | 000,000,254 | ---- | M] () -- C:\Windows\win.ini [2011-04-14 19:17:22 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk [2011-04-14 19:17:02 | 000,002,032 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk [2011-04-14 18:43:01 | 000,127,632 | ---- | M] () -- C:\Users\Pawel\AppData\Local\GDIPFONTCACHEV1.DAT [2011-04-11 22:24:14 | 000,226,268 | ---- | M] () -- C:\Users\Pawel\Documents\Umowa robwill.pdf [2011-04-11 00:00:00 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\NeroLiveEpgUpdate-Com_Pawel.job [2011-04-08 21:32:36 | 000,000,600 | ---- | M] () -- C:\Users\Pawel\AppData\Local\PUTTY.RND [2011-04-07 21:18:22 | 000,001,706 | ---- | M] () -- C:\Users\Pawel\Desktop\Albelli.lnk [2011-04-04 17:10:46 | 000,115,267 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2011-04-04 17:10:46 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2011-04-03 22:46:55 | 000,000,750 | ---- | M] () -- C:\Users\Public\Desktop\ipla.lnk [2011-04-03 22:24:20 | 000,631,632 | ---- | M] () -- C:\Users\Pawel\Documents\Cennik-e-holandia-kwiecien.pdf [2011-04-01 17:25:55 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\Przyspiesz Komputer.lnk [2011-03-31 11:56:28 | 000,001,640 | ---- | M] () -- C:\Users\Pawel\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk [2011-03-31 11:56:28 | 000,001,616 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2011-03-28 13:37:55 | 000,002,044 | ---- | M] () -- C:\Users\Pawel\Desktop\Google Chrome.lnk [2011-03-28 13:37:55 | 000,002,006 | ---- | M] () -- C:\Users\Pawel\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011-03-26 01:48:06 | 004,284,416 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr [2011-03-25 11:35:35 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Pawel\Documents\*.tmp files -> C:\Users\Pawel\Documents\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-04-15 22:16:48 | 000,000,969 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk [2011-04-15 22:16:47 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk [2011-04-15 21:50:17 | 000,000,947 | ---- | C] () -- C:\Users\Pawel\Desktop\VoipDiscount.lnk [2011-04-14 20:47:20 | 000,000,981 | ---- | C] () -- C:\Users\Pawel\Documents\priv.pem [2011-04-14 20:46:32 | 000,001,398 | ---- | C] () -- C:\Users\Pawel\Documents\cert.cer [2011-04-14 19:17:22 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk [2011-04-14 19:17:02 | 000,002,032 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk [2011-04-14 19:16:19 | 000,000,853 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-registratie.lnk [2011-04-14 19:09:29 | 000,186,533 | ---- | C] () -- C:\Windows\hpwins23.dat [2011-04-14 19:09:11 | 000,001,847 | ---- | C] () -- C:\Windows\hpwmdl23.dat [2011-04-11 22:24:14 | 000,226,268 | ---- | C] () -- C:\Users\Pawel\Documents\Umowa robwill.pdf [2011-04-08 21:32:36 | 000,000,600 | ---- | C] () -- C:\Users\Pawel\AppData\Local\PUTTY.RND [2011-04-03 22:24:20 | 000,631,632 | ---- | C] () -- C:\Users\Pawel\Documents\Cennik-e-holandia-kwiecien.pdf [2011-04-01 17:25:55 | 000,000,888 | ---- | C] () -- C:\Users\Public\Desktop\Przyspiesz Komputer.lnk [2011-03-31 11:56:28 | 000,001,640 | ---- | C] () -- C:\Users\Pawel\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk [2011-03-31 11:56:28 | 000,001,628 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2011-03-31 11:56:28 | 000,001,616 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2011-02-20 13:45:12 | 000,140,770 | ---- | C] () -- C:\Windows\hpoins18.dat.temp [2011-02-20 13:45:12 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp [2010-11-22 10:55:25 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe [2010-11-22 10:55:25 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe [2010-11-09 22:28:45 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfmonnt.dll [2010-11-09 22:28:42 | 000,000,164 | ---- | C] () -- C:\Windows\System32\psconv.ini [2010-10-05 10:23:53 | 000,000,132 | ---- | C] () -- C:\Users\Pawel\AppData\Roaming\Preferencje Adobe CS5 dla formatu GIF [2010-10-03 16:30:44 | 000,000,132 | ---- | C] () -- C:\Users\Pawel\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG [2010-09-10 21:28:46 | 003,188,549 | -H-- | C] () -- C:\Users\Pawel\AppData\Local\IconCache.db [2010-06-23 18:43:42 | 000,002,432 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempUQ5308.html [2010-06-23 18:37:19 | 000,002,432 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempQO5308.html [2010-06-23 18:34:22 | 000,002,432 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempjqO508.html [2010-06-23 18:34:22 | 000,002,089 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempPKN508.html [2010-06-12 17:57:30 | 000,000,218 | ---- | C] () -- C:\Users\Pawel\AppData\Roaming\wklnhst.dat [2010-04-30 20:42:02 | 000,002,432 | ---- | C] () -- C:\Users\Pawel\AppData\Local\Tempmz3700.html [2010-04-30 20:42:02 | 000,002,089 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempNF3700.html [2010-04-03 13:32:55 | 000,002,432 | ---- | C] () -- C:\Users\Pawel\AppData\Local\Templc5892.html [2010-04-03 13:32:55 | 000,002,089 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TemplE5892.html [2010-04-01 11:36:53 | 000,002,432 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempLy5208.html [2010-04-01 11:36:53 | 000,002,089 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempQi5208.html [2010-03-28 18:42:52 | 000,002,432 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempHq2396.html [2010-03-28 18:42:52 | 000,002,089 | ---- | C] () -- C:\Users\Pawel\AppData\Local\Tempia2396.html [2010-03-27 14:01:38 | 000,048,175 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010-03-27 14:01:38 | 000,048,175 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010-03-21 21:38:07 | 000,002,432 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempKc1928.html [2010-03-21 21:38:07 | 000,002,089 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempCC1928.html [2010-02-23 11:25:14 | 000,002,432 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempZL4808.html [2010-02-23 11:25:14 | 000,002,089 | ---- | C] () -- C:\Users\Pawel\AppData\Local\TempYL4808.html [2010-02-10 19:31:09 | 000,000,097 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2009-10-20 20:07:44 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009-10-20 20:07:43 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-10-20 20:07:17 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009-10-09 19:50:30 | 000,604,140 | -HS- | C] () -- C:\Windows\System32\drivers\ISwift3.dat [2009-10-09 19:47:49 | 000,115,267 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2009-10-09 19:47:49 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2009-09-20 18:54:55 | 000,138,223 | ---- | C] () -- C:\Windows\hpqins00.dat [2009-08-03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009-08-03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009-07-03 15:45:12 | 000,027,507 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2009-05-21 07:48:41 | 000,027,839 | ---- | C] () -- C:\Users\Pawel\AppData\Roaming\nvModes.001 [2009-05-20 09:58:32 | 000,027,839 | ---- | C] () -- C:\Users\Pawel\AppData\Roaming\nvModes.dat [2009-03-14 18:47:13 | 000,000,090 | ---- | C] () -- C:\Users\Pawel\AppData\Roaming\default.pls [2009-02-19 18:01:37 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009-01-26 11:43:55 | 000,000,187 | ---- | C] () -- C:\Users\Pawel\AppData\Roaming\default.rss [2009-01-25 17:38:37 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-01-25 17:38:36 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2009-01-25 17:38:34 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009-01-25 17:38:34 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-01-25 17:38:33 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2009-01-25 17:38:32 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009-01-25 17:38:32 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2009-01-08 18:23:58 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini [2009-01-08 15:52:18 | 000,007,808 | ---- | C] () -- C:\Users\Pawel\AppData\Local\d3d9caps.dat [2009-01-08 14:54:20 | 000,049,664 | ---- | C] () -- C:\Users\Pawel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-01-07 21:20:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009-01-07 19:00:18 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009-01-07 17:17:41 | 000,127,632 | ---- | C] () -- C:\Users\Pawel\AppData\Local\GDIPFONTCACHEV1.DAT [2008-09-11 03:22:32 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2008-05-04 11:23:29 | 000,336,440 | ---- | C] () -- C:\Windows\System32\perfi013.dat [2008-05-04 11:23:28 | 000,672,434 | ---- | C] () -- C:\Windows\System32\perfh013.dat [2008-05-04 11:23:28 | 000,132,820 | ---- | C] () -- C:\Windows\System32\perfc013.dat [2008-05-04 11:23:28 | 000,041,976 | ---- | C] () -- C:\Windows\System32\perfd013.dat [2008-05-04 01:32:56 | 000,002,140 | ---- | C] () -- C:\Windows\bthservsdp.dat [2008-01-21 04:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2007-09-05 12:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 14:47:37 | 003,801,800 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 12:33:01 | 001,517,030 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2006-11-02 12:33:01 | 000,602,550 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 12:33:01 | 000,107,428 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 12:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2006-11-02 12:23:31 | 000,000,254 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 12:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006-11-02 09:10:37 | 000,053,536 | ---- | C] () -- C:\Windows\System32\dosx.exe [2006-11-02 09:10:02 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe [2006-11-02 09:10:00 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe [2006-11-02 09:09:59 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com [2006-11-02 09:09:59 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM [2006-11-02 09:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe [2006-11-02 09:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe [2006-11-02 09:09:57 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM [2006-11-02 09:09:56 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe [2006-11-02 09:09:55 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe [2006-11-02 09:09:55 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM [2006-11-02 09:09:53 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe [2006-11-02 09:09:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe [2006-11-02 09:09:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe [2006-11-02 09:09:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe [2006-11-02 09:09:49 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM [2006-11-02 09:09:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe [2006-11-02 09:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys [2006-11-02 09:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS [2006-11-02 09:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS [2006-11-02 09:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS [2006-11-02 09:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS [2006-11-02 09:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS [2006-11-02 09:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS [2006-11-02 09:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS [2006-11-02 09:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS [2006-11-02 09:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS [2006-11-02 09:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS [2006-11-02 09:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS [2006-11-02 09:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS [2006-11-02 09:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS [2006-11-02 09:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS [2006-11-02 08:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll [2006-03-09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2001-11-14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-09-12 17:36:55 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Affilorama [2009-09-21 20:09:42 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Artisteer [2011-04-03 13:12:54 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Belastingdienst [2009-10-16 18:50:54 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\DAEMON Tools Lite [2009-01-07 17:17:29 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\DigitalPersona [2010-04-01 13:29:58 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\EditPlus 3 [2011-02-24 16:56:57 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\EurekaLog [2010-04-26 08:39:33 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Facebook [2011-04-19 23:07:58 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\FileZilla [2011-02-13 21:16:18 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\FreeCommander [2010-06-23 18:43:42 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Gadu-Gadu 10 [2011-02-09 21:19:25 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\GHISLER [2011-01-18 20:58:29 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\gtk-2.0 [2010-07-09 08:51:44 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Gzegzolka XP [2011-02-01 14:10:49 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Image Zone Express [2011-04-16 19:35:18 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\ipla [2009-10-17 10:05:11 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Leadertech [2010-06-13 16:03:26 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Nokia [2009-08-25 19:40:37 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Nvu [2010-01-08 09:39:38 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\OpenFM [2009-02-01 22:58:42 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Opera [2010-06-26 12:17:40 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\PC Suite [2010-01-29 23:42:28 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Piechnat Soft [2009-11-20 12:27:15 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Printer Info Cache [2010-06-18 18:21:30 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Publish Providers [2010-02-06 18:42:35 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Quark [2011-04-03 22:47:29 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\RDRM [2010-02-10 19:33:46 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Research In Motion [2010-06-12 17:57:37 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\SolidDocuments [2010-06-18 19:22:19 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Sony [2011-02-02 09:56:37 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011-04-15 22:19:37 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\TeamViewer [2010-06-12 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Template [2009-02-19 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\Thunderbird [2009-05-17 16:57:44 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\TomTom [2011-04-15 22:32:14 | 000,000,000 | ---D | M] -- C:\Users\Pawel\AppData\Roaming\VoipDiscount [2011-04-18 08:41:00 | 000,000,474 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job [2011-04-20 07:23:16 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-04-20 20:12:43 | 000,000,454 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{90D02365-83B7-4FE5-A4C0-F25F6E1B916C}.job [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2011-04-20 20:09:37 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Pawel\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000415 | Country: Polen | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 63,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 224,04 Gb Total Space | 57,03 Gb Free Space | 25,45% Space Free | Partition Type: NTFS Drive D: | 116,50 Gb Total Space | 86,11 Gb Free Space | 73,91% Space Free | Partition Type: NTFS Drive E: | 8,84 Gb Total Space | 3,11 Gb Free Space | 35,14% Space Free | Partition Type: NTFS Drive G: | 116,38 Gb Total Space | 84,03 Gb Free Space | 72,20% Space Free | Partition Type: NTFS Computer Name: COM | User Name: Pawel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-148305267-3469724838-3929971888-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0594F2A6-4621-44D5-81DF-2D3734A43973}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{11FEDE19-0657-4660-B0CC-EDFA7BE2A978}" = rport=139 | protocol=6 | dir=out | app=system | "{242C3397-76F3-4C67-A44D-6509EBE2BF38}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{282C44B5-7762-4DF4-A1E1-A65BCC8D8369}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{44A21413-22E4-49BD-B1BA-B7668C308ED0}" = rport=137 | protocol=17 | dir=out | app=system | "{4EEA8B07-B260-4B3D-BE1E-129DC678F885}" = lport=49160 | protocol=6 | dir=in | name=akamai netsession interface | "{5740F3FD-8704-4DAA-BBE3-DBEC1B75BFE1}" = lport=138 | protocol=17 | dir=in | app=system | "{9197AAA3-521F-4230-8F9A-B1E5A239706A}" = lport=445 | protocol=6 | dir=in | app=system | "{973F38B5-9BE2-40A6-99F4-74DA3D30C56F}" = lport=52472 | protocol=6 | dir=in | name=akamai netsession interface | "{98230D9A-4D36-49E5-9800-C6D62173C434}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{A4CCA150-E921-49A0-95AF-6A23C0B19699}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{AD827126-F9C8-40F3-A093-64C42468C3D1}" = lport=49875 | protocol=6 | dir=in | name=akamai netsession interface | "{B14C37B9-4AE4-458F-AB37-93F3FBA05B2A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{B77D2DE1-F5D2-4A07-90F3-AF332FC35557}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{B790A4E1-60F0-49DA-A9C3-FB449F9407CC}" = lport=137 | protocol=17 | dir=in | app=system | "{B8F0533B-BC36-4D35-9F5D-907E37389730}" = rport=138 | protocol=17 | dir=out | app=system | "{D4EF0F63-56C1-4D09-87EA-75E4E545831E}" = lport=2869 | protocol=6 | dir=in | app=system | "{D9BDE410-D8A9-44BA-AD59-A8E453D5BBB4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{E8BF6FBC-0167-4C2B-BAF0-E97E341A599B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{FDF7FBF0-AE7F-4D45-8A84-8EAF5DA6B776}" = lport=139 | protocol=6 | dir=in | app=system | "{FE65CF56-A0A5-4CAC-B935-8B37487387EC}" = rport=445 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0440C18D-8577-4571-9B0B-29681B546AF2}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{055D6643-DB00-47A8-AE13-B82033E8FD0E}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{07F75C22-D0B9-4A7D-AC79-1F4F34289BC8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{1684E94E-C736-4E83-85F1-1B55E5FED02A}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{1BA7D0F2-84DC-4E41-8CC8-CD3175702A34}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | "{1DD7B5FA-B581-4C48-9F52-41547B11E99B}" = dir=in | app=c:\program files\itunes\itunes.exe | "{1E0F6906-D4D7-4CC9-BFF8-8318EB691C16}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{23BF6D7C-DBCB-4AEF-A964-088F2D104648}" = protocol=6 | dir=in | app=c:\program files\nokia\nokia home media server\media server\twonkymediaserver.exe | "{2E07D7DD-8F1D-4275-A29E-3C1D1E3E8672}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe | "{333CE346-B664-4932-AB06-4FEC7EE0B837}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{37048816-D6C6-4F1C-BC85-25793CC2EB69}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{3E0877CE-E085-4011-A1FE-B3A67F42FC34}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{5221E037-C9C8-411B-8D85-3B5404363F72}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{56E6DD12-892D-4D30-BD25-08BE2E2B10E6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{5C36A2A0-4393-4086-829E-D3C6DD4D1462}" = protocol=6 | dir=in | app=c:\program files\wlite\wservice.exe | "{60D66C1C-018B-41FD-ABCA-C90CDA2022A8}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{64727F80-DB57-4CA2-B535-625FBF615BFA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{68E2900C-7297-4836-922D-5EF50E5D8255}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{6CA5B642-A5AF-4B37-836D-F1E0FCC5A52F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{7600DC41-C68E-4A1B-9BE9-6B5DC815C547}" = protocol=17 | dir=in | app=c:\program files\nokia\nokia home media server\media server\twonkymedia.exe | "{77F1BDC1-4C21-4474-AF6E-FF3B23CA6458}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{7838A1B4-8033-4BE0-B1AC-6C54C620D3E8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{7DB8E509-FBC9-4402-A4E4-2E8F9099A12A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{7F479DBB-AF69-4674-A238-0931AA7EC810}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | "{85F6B660-0CE3-479B-A1B8-A1868C4E32FC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{88E65CEE-F842-471A-AC5F-6A0166A150A6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{8A589F67-1FB5-44CC-949D-3A8FDAFBC5E5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe | "{94FC249E-EA96-41FD-81A7-6BA785D6CF75}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{9B47F841-3CB9-4B55-9EC0-720F814F98B2}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | "{AEB87C8F-18E4-4C40-9F3A-E4307A88243B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{B0DD5054-6C33-4616-BF67-EC7E70E1D385}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{B338A867-995E-4D04-A03D-73406B0C2937}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{B6E94C60-F1A2-4325-AF29-52CBB769048E}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{B703FCE8-CD97-4419-9CC0-F55487C1ED57}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{B846931E-AEAD-4134-B389-BC05833BDE6A}" = protocol=17 | dir=in | app=c:\program files\nokia\nokia home media server\media server\twonkymediaserver.exe | "{B856BD55-46D0-4950-A463-4FB44A216C06}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | "{BCCC2805-3A9D-44C3-957D-42EB1675604E}" = protocol=6 | dir=in | app=c:\program files\nokia\nokia home media server\media server\twonkymedia.exe | "{BD1E19AA-F668-4E04-BCA3-47E335B72E40}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | "{BD990D0F-5097-408D-BFB7-C76EB1B84468}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | "{BF3B314C-33F6-4F01-A823-2F4B3BA941F3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{C1AE4E8D-4C8D-4DA9-ACCC-7BBB0D191918}" = dir=in | app=c:\users\pawel\appdata\local\temp\7zs78db\oj6500ve709_full_14\setup\hpznui01.exe | "{C77ED03E-AD6C-48C3-998E-82DDB4BFBE4E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{D0F4AD92-A965-4559-BA57-CF135BF126B2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{D313A56D-ECC4-4BB2-8138-B9778C9AFE74}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{D3E99B5A-E6F8-4A28-A7B5-EABED04247DE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | "{D9D6F5E5-E73D-4DDF-ABA1-F13036A9D18D}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | "{DD828EAC-2E9C-425D-9516-D940F416E5D2}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{DF4B214B-0C20-4B8B-A32A-FA1C1D457758}" = protocol=6 | dir=in | app=c:\program files\wlite\wlite.exe | "{E11516BD-7597-47CE-B2F3-DDD2753B5296}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{E3D3D6F7-F553-4F71-8502-30B108CB0F77}" = protocol=17 | dir=in | app=c:\program files\wlite\wservice.exe | "{E594F6F3-FE1F-4FEE-8BF4-A8FD333BE5C3}" = protocol=17 | dir=in | app=c:\program files\wlite\wlite.exe | "{E7DC011E-90BD-415E-87FB-EF68696618C0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe | "{E91A6303-91AA-4E3B-B143-A1173590CC97}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{E9E5878B-FC08-4135-A638-C9FA498F1DFF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | "{EF9FDEFD-0B78-415B-92A1-D80DAC298574}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "TCP Query User{1E2C934A-72A8-454D-966C-66A371B6176D}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\polish\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\polish\setup.exe | "TCP Query User{1FDC8070-7910-4566-AC7E-88DCAAA47C25}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | "TCP Query User{28FE7431-7FD9-4EC3-9D81-2D876D9CF080}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{2E33F487-9065-4FFE-A7A0-3C6F09089C2A}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe | "TCP Query User{4529276E-839B-4B58-A22D-CAE7A8FF886C}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{4C033DAF-E99E-404A-A01D-C9C3B97B6E2B}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe | "TCP Query User{79FD4453-E3D2-4ECB-B903-A0215C1717CE}C:\program files\konnekt\konnekt.exe" = protocol=6 | dir=in | app=c:\program files\konnekt\konnekt.exe | "TCP Query User{8FE01728-612B-4919-8557-AE6C4C5FC57B}C:\xampp\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\apache.exe | "TCP Query User{996F8AFC-C2C4-4749-AB3D-D7AAE659E582}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{9BAF49D0-7FC7-4A72-9EED-43CFAA1D3317}C:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe" = protocol=6 | dir=in | app=c:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe | "TCP Query User{AAC2022B-2774-4832-9002-CAA2DB4EA033}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{CD80A76B-5B4E-4CCB-B223-CD488E545A81}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{CE484653-97C7-47FF-A50C-59BB5535E34C}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{073C43BF-9AD6-4911-AAFA-43FE0BF5D754}C:\program files\konnekt\konnekt.exe" = protocol=17 | dir=in | app=c:\program files\konnekt\konnekt.exe | "UDP Query User{27E3B538-6933-45AA-B6AB-B632CA4F2AC5}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{28762AB0-F2A7-46CF-A40D-E1AFC001BD50}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe | "UDP Query User{35DC03BA-4629-4693-81F7-B1FC8B070605}C:\xampp\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\apache.exe | "UDP Query User{591DC80F-FE82-4290-914B-4CD0BDBCE3A4}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\polish\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\polish\setup.exe | "UDP Query User{5AFBC88E-4FD2-412F-A0B1-102AB5F069EC}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{5C365818-2757-46DD-BD76-5FAE52DF584D}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{6F1EA0CC-7DDB-4A7D-8432-07203D8758C3}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | "UDP Query User{8A2E7243-E10C-49BA-A295-1C62220CE1F4}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{96D770DC-282E-45CA-9B6A-E6E08A2CDD7E}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe | "UDP Query User{B05D618D-321E-497E-93AB-2CD747C5880E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{DBF6596A-28DB-44F3-9A53-51B6D47977CA}C:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe" = protocol=17 | dir=in | app=c:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe | "UDP Query User{DE700085-FF65-48CA-BDEF-294FD957D66E}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500 "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8 "{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}" = Windows Live UX Platform Language Pack "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0E52A52C-E120-461C-AA1B-21B045BEE842}" = bpd_scan "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1 "{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos "{0EEB3C40-2A8C-4045-B3F9-13C4A5C490C0}" = Nokia Home Media Server "{0F1A2E4E-E2EE-4806-B7CE-356D83A3CDEB}" = Windows Live Family Safety "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld "{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10 "{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{18756A46-652E-4ED4-A029-C4940D59F09B}" = Nokia PC Suite "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1 "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 24 "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 F2 "{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5 "{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer "{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext "{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{5158F1F5-FA1B-4D49-B546-55A5004B89BD}" = Microsoft Works "{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari "{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6D45EF03-E8EE-4355-81C3-F918CBCF1045}" = Nero 8 "{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply "{706EA4A8-97B5-4C29-A0F3-0B38C666F0C4}" = QuarkXPress "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit "{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4 "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install "{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting "{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C57C58-FDD7-4d86-BFCC-9D31CC4EFA71}" = 6500_E709n "{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}" = Windows Live Remote Service Resources "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network "{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C03BEFC-E8BA-4D35-B8DE-EFAA426550D1}" = HP User Guides 0096 "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8C91D53E-0C23-4A79-A480-68A443D80100}" = PC Connectivity Solution "{8DBA47D0-7BE5-4512-A6DE-D8FF475FD2AF}" = 3531-W-D "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan "{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "{9F59C3AE-81B0-4EF6-9762-D674BB079705}" = Nokia Software Updater "{9FA2E0CF-64E8-3536-BA71-618A48D9AF55}" = Google Talk Plugin "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.3 "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager "{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager "{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements "{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}" = Nokia Ovi One Touch Access "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C7AF7F33-9092-997E-2D29-DE8095863FE3}" = DigitalPersona Personal 3.0.0 "{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0 "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder Seria 9 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EBC4C458-CFBF-49A6-9437-1E6F9A561210}" = AmbraSoft Familiepakket 0910 "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax "{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}" = Windows Live Remote Client Resources "{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2 "{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery "{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities "{FA0F0A01-4631-4161-A6C2-948BF694382E}" = HP Officejet 6500 E709 Series "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "2EFF310ED3BF3BFB24E6CC25AEB5491813E56803" = Windows-stuurprogrammapakket - ITE Tech.Inc. (itecir) HIDClass (06/20/2007 5.0.0004.2) "504244733D18C8F63FF584AEB290E3904E791693" = Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Aangifte inkomstenbelasting 2008" = Aangifte inkomstenbelasting 2008 "Aangifte inkomstenbelasting 2009" = Aangifte inkomstenbelasting 2009 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AIM_6" = AIM 6 "Akamai" = Akamai NetSession Interface "AOL Toolbar" = AOL Toolbar 5.0 "AQQ" = WapSter AQQ "Artisteer 2" = Artisteer 2 "AVerMedia MCE Encoder" = AVerMedia MCE Encoder 3.2.1.62 "BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1 "CCleaner" = CCleaner (remove only) "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DOC to Image Converter_is1" = DOC to Image Converter 2.00 "EditPlus 3" = EditPlus 3 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "faktura" = faktura "Fakturka_is1" = Fakturka 1.07 "FileZilla Client" = FileZilla Client 3.3.5.1 "Flash Movie Extractor Scout_is1" = Flash Movie Extractor Scout "Fotosizer" = Fotosizer 1.28 "Free PS Convert driver_is1" = Free PS Convert driver 8.15 "FreeCommander_is1" = FreeCommander 2009.02b "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Updater" = Google Updater "GzegzolkaXP_is1" = Gżegżółka XP 7.1.2.2 "HP Document Manager" = HP Document Manager 2.0 "HP Imaging Device Functions" = HP Imaging Device Functions 12.0 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0 "HPExtendedCapabilities" = HP Customer cenzura! Program 12.0 "HPOCR" = OCR Software by I.R.I.S. 12.0 "ieSpell" = ieSpell "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "Integrated HP Hybrid TV Tuner" = Integrated HP Hybrid TV Tuner 0.0.0.6a "ipla" = ipla 2.2.1 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16) "Mozilla Thunderbird (2.0.0.21)" = Mozilla Thunderbird (2.0.0.21) "NK Sender_is1" = NK Sender 1.5 Alpha "Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011 "Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011 "Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3019 "Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018 "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "Nvu_is1" = Nvu 1.0 "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "OpenSSL (32-bit)_is1" = OpenSSL 1.0.0a (32-bit) "Opera 11.01.1190" = Opera 11.01 "P2PFilter" = P2PFilter 3.0.5 "Picasa 3" = Picasa 3 "PK-PCSU_is1" = Przyspiesz Komputer "PrecelSeoMaster_is1" = Precel SEO Master 1.5.0 "Rapid Express_is1" = Rapid Express "RealPlayer 6.0" = RealPlayer "Scribus 1.3.3.13" = Scribus 1.3.3.13 "SeeToo_for_Justin.tv Toolbar" = SeeToo_for_Justin.tv Toolbar "Shop for HP Supplies" = Shop for HP Supplies "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6 "SopCast" = SopCast 3.2.9 "Speccy" = Speccy "SynTPDeinstKey" = Synaptics Pointing Device Driver "TeamViewer 6" = TeamViewer 6 "TomTom HOME" = TomTom HOME 2.6.4.1641 "Total Video Converter 3.70_is1" = Total Video Converter 3.70 100621 "Totalcmd" = Total Commander (Remove or Repair) "Traffic Travis_is1" = Traffic Travis 3.3.0 "TwonkyvisionUPnPTwonkyMedia" = TwonkyMedia "ViewpointMediaPlayer" = Viewpoint Media Player "VLC media player" = VLC media player 1.0.0 "VoipDiscount_is1" = VoipDiscount "Windows Media Encoder 9" = Windows Media Encoder Seria 9 "WinGimp-2.0_is1" = GIMP 2.6.5 "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = Archiwizator WinRAR "xampp" = XAMPP 1.6.7 "Xvid_is1" = Xvid 1.2.1 final uninstall [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-148305267-3469724838-3929971888-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{B7961CCE-CF36-4858-BC1A-D06D3D25ECE5}_is1" = Albelli Fotoboeken "Facebook Plug-In" = Facebook Plug-In "Google Chrome" = Google Chrome "OpenP2M for Java 1.6" = OpenP2M for Java 1.6 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-04-18 08:31:40 | Computer Name = Com | Source = WinMgmt | ID = 10 Description = Error - 2011-04-19 01:32:32 | Computer Name = Com | Source = WinMgmt | ID = 10 Description = Error - 2011-04-19 01:59:33 | Computer Name = Com | Source = WinMgmt | ID = 10 Description = Error - 2011-04-19 09:23:38 | Computer Name = Com | Source = WinMgmt | ID = 10 Description = Error - 2011-04-20 01:14:29 | Computer Name = Com | Source = WinMgmt | ID = 10 Description = Error - 2011-04-20 11:33:44 | Computer Name = Com | Source = WinMgmt | ID = 10 Description = Error - 2011-04-20 12:55:36 | Computer Name = Com | Source = WinMgmt | ID = 10 Description = Error - 2011-04-20 14:02:45 | Computer Name = Com | Source = Application Hang | ID = 1002 Description = Programma rhoqd4ev.exe, versie 1.0.15.15570 reageert niet meer op Windows en is afgesloten. Als u wilt zien of meer informatie over het probleem beschikbaar is, kunt u de probleemgeschiedenis in onderdeel Probleemrapporten en -oplossingen in het Configuratiescherm controleren. Proces-id: 5ec Starttijd: 01cbff84d319ecb0 Eindtijd: 5 Error - 2011-04-20 14:05:12 | Computer Name = Com | Source = Application Error | ID = 1000 Description = Toepassing met fout rhoqd4ev.exe, versie 1.0.15.15570, tijdstempel 0x4d86265c, module met fout rhoqd4ev.exe, versie 1.0.15.15570, tijdstempel 0x4d86265c, uitzonderingscode 0xc0000005, foutmarge 0x0000c676, proces-id 0x914, starttijd van toepassing 0x01cbff84f3591500. Error - 2011-04-20 14:08:59 | Computer Name = Com | Source = Application Hang | ID = 1002 Description = Programma OTL(2).exe, versie 3.2.22.3 reageert niet meer op Windows en is afgesloten. Als u wilt zien of meer informatie over het probleem beschikbaar is, kunt u de probleemgeschiedenis in onderdeel Probleemrapporten en -oplossingen in het Configuratiescherm controleren. Proces-id: 10a0 Starttijd: 01cbff859a254700 Eindtijd: 5 [ DigitalPersona Pro Events ] Error - 2010-05-06 01:43:27 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. Error - 2010-05-07 01:44:27 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. Error - 2010-05-08 02:32:48 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. Error - 2010-05-09 02:57:07 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. Error - 2010-05-17 01:50:25 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. Error - 2010-05-17 21:25:31 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. Error - 2010-05-19 01:54:06 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. Error - 2010-05-20 01:50:26 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. Error - 2010-05-21 01:42:23 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. Error - 2010-05-21 02:18:31 | Computer Name = Com | Source = DigitalPersona Pro | ID = 17827075 Description = Agent kan niet starten. Omschrijving: Er is een andere actieve agent aangetroffen. [ Media Center Events ] Error - 2009-01-31 08:45:05 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = Error - 2009-01-31 09:37:30 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = Error - 2009-01-31 09:37:33 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = Error - 2009-01-31 09:38:05 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = Error - 2009-01-31 09:38:07 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = Error - 2009-01-31 09:38:10 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = Error - 2009-01-31 09:38:17 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = Error - 2009-01-31 09:38:19 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = Error - 2010-02-21 05:42:08 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = Error - 2010-02-21 05:42:12 | Computer Name = Com | Source = ehRecvr | ID = 3 Description = [ System Events ] Error - 2011-04-20 11:38:51 | Computer Name = Com | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2011-04-20 12:54:05 | Computer Name = Com | Source = EventLog | ID = 6008 Description = De vorige afsluiting van het systeem om 18:52:02 op 2011-04-20 is onverwacht gebeurd. Error - 2011-04-20 12:54:22 | Computer Name = Com | Source = Dhcp | ID = 1002 Description = De IP-adreslease 192.168.0.101 voor de netwerkkaart met netwerkadres 00215C1DBE5D is geweigerd door de DHCP-server 192.168.1.1. De DHCP-server heeft een DHCPNACK-bericht verzonden. Error - 2011-04-20 12:55:12 | Computer Name = Com | Source = DCOM | ID = 10016 Description = Error - 2011-04-20 12:55:37 | Computer Name = Com | Source = Service Control Manager | ID = 7009 Description = Error - 2011-04-20 12:57:39 | Computer Name = Com | Source = Service Control Manager | ID = 7022 Description = Error - 2011-04-20 12:57:39 | Computer Name = Com | Source = Service Control Manager | ID = 7001 Description = Error - 2011-04-20 12:57:39 | Computer Name = Com | Source = Service Control Manager | ID = 7026 Description = Error - 2011-04-20 13:00:12 | Computer Name = Com | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2011-04-20 13:49:05 | Computer Name = Com | Source = Dhcp | ID = 1002 Description = De IP-adreslease 192.168.1.11 voor de netwerkkaart met netwerkadres 00215C1DBE5D is geweigerd door de DHCP-server 192.168.0.1. De DHCP-server heeft een DHCPNACK-bericht verzonden. < End of report >

i SysProt:

Kod: Zaznacz wszystko: SysProt AntiRootkit v1.0.1.0 by swatkat ****************************************************************************************** ****************************************************************************************** Process: Name: [System Idle Process] PID: 0 Hidden: No Window Visible: No Name: System PID: 4 Hidden: No Window Visible: No Name: C:\Windows\System32\smss.exe PID: 524 Hidden: No Window Visible: No Name: C:\Windows\System32\csrss.exe PID: 656 Hidden: No Window Visible: No Name: C:\Windows\System32\wininit.exe PID: 708 Hidden: No Window Visible: No Name: C:\Windows\System32\csrss.exe PID: 716 Hidden: No Window Visible: No Name: C:\Windows\System32\services.exe PID: 760 Hidden: No Window Visible: No Name: C:\Windows\System32\lsass.exe PID: 772 Hidden: No Window Visible: No Name: C:\Windows\System32\lsm.exe PID: 780 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 936 Hidden: No Window Visible: No Name: C:\Windows\System32\nvvsvc.exe PID: 992 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 1028 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 1092 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 1132 Hidden: No Window Visible: No Name: C:\Windows\System32\winlogon.exe PID: 1176 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 1236 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 1256 Hidden: No Window Visible: No Name: C:\Windows\System32\audiodg.exe PID: 1332 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 1356 Hidden: No Window Visible: No Name: C:\Windows\System32\SLsvc.exe PID: 1380 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 1428 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 1572 Hidden: No Window Visible: No Name: C:\Windows\System32\spoolsv.exe PID: 1808 Hidden: No Window Visible: No Name: C:\Windows\System32\taskeng.exe PID: 1816 Hidden: No Window Visible: No Name: C:\Program Files\DigitalPersona\Bin\DpHostW.exe PID: 1940 Hidden: No Window Visible: No Name: C:\Windows\System32\nvvsvc.exe PID: 1996 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 928 Hidden: No Window Visible: No Name: C:\Program Files\DigitalPersona\Bin\DpAgent.exe PID: 2108 Hidden: No Window Visible: No Name: C:\Windows\System32\dwm.exe PID: 2256 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 2308 Hidden: No Window Visible: No Name: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PID: 2360 Hidden: No Window Visible: No Name: C:\Windows\explorer.exe PID: 2368 Hidden: No Window Visible: No Name: C:\Windows\System32\taskeng.exe PID: 2392 Hidden: No Window Visible: No Name: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe PID: 2824 Hidden: No Window Visible: No Name: C:\Program Files\Bonjour\mDNSResponder.exe PID: 2888 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 2920 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 2952 Hidden: No Window Visible: No Name: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PID: 3028 Hidden: No Window Visible: No Name: C:\Windows\System32\srvany.exe PID: 3132 Hidden: No Window Visible: No Name: C:\Windows\KMService.exe PID: 3164 Hidden: No Window Visible: No Name: C:\Program Files\Common Files\LightScribe\LSSrvc.exe PID: 3172 Hidden: No Window Visible: No Name: C:\xampp\mysql\bin\mysqld-nt.exe PID: 3224 Hidden: No Window Visible: No Name: C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PID: 3352 Hidden: No Window Visible: No Name: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe PID: 3380 Hidden: No Window Visible: No Name: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe PID: 3420 Hidden: No Window Visible: No Name: C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PID: 3484 Hidden: No Window Visible: No Name: C:\Program Files\HP\QuickPlay\QPService.exe PID: 3496 Hidden: No Window Visible: No Name: C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe PID: 3516 Hidden: No Window Visible: No Name: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe PID: 3524 Hidden: No Window Visible: No Name: C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PID: 3572 Hidden: No Window Visible: No Name: C:\Program Files\Common Files\Java\Java Update\jusched.exe PID: 3616 Hidden: No Window Visible: No Name: C:\Windows\ehome\ehtray.exe PID: 2536 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 3988 Hidden: No Window Visible: No Name: C:\Windows\System32\IoctlSvc.exe PID: 4024 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 4064 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 4080 Hidden: No Window Visible: No Name: C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe PID: 2288 Hidden: No Window Visible: No Name: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PID: 2688 Hidden: No Window Visible: No Name: C:\Windows\ehome\ehmsas.exe PID: 844 Hidden: No Window Visible: No Name: C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe PID: 2720 Hidden: No Window Visible: No Name: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PID: 1208 Hidden: No Window Visible: No Name: C:\Program Files\CyberLink\Shared Files\RichVideo.exe PID: 3412 Hidden: No Window Visible: No Name: C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PID: 2216 Hidden: No Window Visible: No Name: C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE PID: 3532 Hidden: No Window Visible: No Name: C:\Program Files\Microsoft\BingBar\SeaPort.EXE PID: 3456 Hidden: No Window Visible: No Name: C:\Windows\System32\stacsv.exe PID: 1004 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 2088 Hidden: No Window Visible: No Name: C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe PID: 3844 Hidden: No Window Visible: No Name: C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PID: 1244 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 3408 Hidden: No Window Visible: No Name: C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PID: 3148 Hidden: No Window Visible: No Name: C:\Windows\System32\SearchIndexer.exe PID: 3896 Hidden: No Window Visible: No Name: C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PID: 3152 Hidden: No Window Visible: No Name: C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe PID: 1044 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 5788 Hidden: No Window Visible: No Name: C:\Windows\ehome\ehsched.exe PID: 6104 Hidden: No Window Visible: No Name: C:\Program Files\Windows Media Player\wmpnscfg.exe PID: 2336 Hidden: No Window Visible: No Name: C:\Windows\System32\wbem\WmiPrvSE.exe PID: 4176 Hidden: No Window Visible: No Name: C:\Program Files\Windows Media Player\wmpnetwk.exe PID: 4292 Hidden: No Window Visible: No Name: C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe PID: 5016 Hidden: No Window Visible: No Name: C:\Windows\ehome\ehrecvr.exe PID: 5404 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 3000 Hidden: No Window Visible: No Name: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe PID: 4168 Hidden: No Window Visible: No Name: C:\Windows\System32\wuauclt.exe PID: 5200 Hidden: No Window Visible: No Name: C:\Windows\System32\wbem\unsecapp.exe PID: 5952 Hidden: No Window Visible: No Name: C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PID: 4100 Hidden: No Window Visible: No Name: C:\Windows\notepad.exe PID: 5460 Hidden: No Window Visible: Yes Name: C:\Windows\notepad.exe PID: 2560 Hidden: No Window Visible: Yes Name: C:\Windows\System32\VSSVC.exe PID: 5912 Hidden: No Window Visible: No Name: C:\Windows\System32\svchost.exe PID: 5288 Hidden: No Window Visible: No Name: C:\Program Files\Mozilla Firefox\firefox.exe PID: 5312 Hidden: No Window Visible: No Name: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe PID: 5172 Hidden: No Window Visible: No Name: C:\Program Files\Mozilla Firefox\plugin-container.exe PID: 3944 Hidden: No Window Visible: No Name: C:\Windows\System32\SearchProtocolHost.exe PID: 3180 Hidden: No Window Visible: No Name: C:\Windows\explorer.exe PID: 4076 Hidden: No Window Visible: No Name: C:\Program Files\Internet Explorer\ielowutil.exe PID: 4456 Hidden: No Window Visible: No Name: D:\programy\WinRar\WinRAR.exe PID: 628 Hidden: No Window Visible: No Name: C:\Windows\System32\SearchFilterHost.exe PID: 4872 Hidden: No Window Visible: No Name: C:\Users\Pawel\Desktop\SysProt\SysProt.exe PID: 5852 Hidden: No Window Visible: Yes ****************************************************************************************** ****************************************************************************************** SSDT: Function Name: ZwAlpcConnectPort Address: 92422E06 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwAlpcCreatePort Address: 92422F84 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwAlpcSendWaitReceivePort Address: 92423014 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwClose Address: 92421DF8 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwConnectPort Address: 924224EA Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwCreateEvent Address: 92422816 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwCreateFile Address: 92421F66 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwCreateMutant Address: 924226EE Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwCreateNamedPipeFile Address: 924219D2 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwCreatePort Address: 924225AA Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwCreateSection Address: 92421B8C Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwCreateSemaphore Address: 92422948 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwCreateWaitablePort Address: 9242264C Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwFsControlFile Address: 924220C4 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwOpenEvent Address: 924228B8 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwOpenFile Address: 92421E34 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwOpenMutant Address: 92422786 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwOpenSection Address: 9242345C Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwOpenSemaphore Address: 924229EA Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwQueryDirectoryObject Address: 92423214 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwReplyPort Address: 92422D74 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwReplyWaitReceivePort Address: 92422C3A Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwSecureConnectPort Address: 924221F0 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys Function Name: ZwSetInformationToken Address: 924232C8 Driver Base: 92404000 Driver End: 9244D000 Driver Name: \SystemRoot\system32\DRIVERS\klif.sys ****************************************************************************************** ****************************************************************************************** No Kernel Hooks found ****************************************************************************************** ****************************************************************************************** Ports: Local Address: COM.SITECOMWL306:52437 Remote Address: 213.200.111.122:HTTPS Type: TCP Process: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe State: ESTABLISHED Local Address: COM.SITECOMWL306:NETBIOS-SSN Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: COM:53880 Remote Address: LOCALHOST:NFSD-STATUS Type: TCP Process: [System Idle Process] State: TIME_WAIT Local Address: COM:53505 Remote Address: LOCALHOST:53504 Type: TCP Process: C:\Program Files\Mozilla Firefox\firefox.exe State: ESTABLISHED Local Address: COM:53504 Remote Address: LOCALHOST:53505 Type: TCP Process: C:\Program Files\Mozilla Firefox\firefox.exe State: ESTABLISHED Local Address: COM:53503 Remote Address: LOCALHOST:53502 Type: TCP Process: C:\Program Files\Mozilla Firefox\firefox.exe State: ESTABLISHED Local Address: COM:53502 Remote Address: LOCALHOST:53503 Type: TCP Process: C:\Program Files\Mozilla Firefox\firefox.exe State: ESTABLISHED Local Address: COM:52436 Remote Address: LOCALHOST:NFSD-STATUS Type: TCP Process: C:\Windows\System32\svchost.exe State: ESTABLISHED Local Address: COM:49160 Remote Address: LOCALHOST:49159 Type: TCP Process: C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe State: ESTABLISHED Local Address: COM:49159 Remote Address: LOCALHOST:49160 Type: TCP Process: C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe State: ESTABLISHED Local Address: COM:27015 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe State: LISTENING Local Address: COM:9423 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: COM:9422 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: COM:9421 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: COM:5939 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe State: LISTENING Local Address: COM:5354 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: LISTENING Local Address: COM:NFSD-STATUS Remote Address: LOCALHOST:52436 Type: TCP Process: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe State: ESTABLISHED Local Address: COM:52472 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: COM:49165 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\services.exe State: LISTENING Local Address: COM:49155 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\lsass.exe State: LISTENING Local Address: COM:49154 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: COM:49153 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: COM:49152 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\wininit.exe State: LISTENING Local Address: COM:19780 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe State: LISTENING Local Address: COM:5357 Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: COM:3306 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\xampp\mysql\bin\mysqld-nt.exe State: LISTENING Local Address: COM:1688 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\KMService.exe State: LISTENING Local Address: COM:NFSD-STATUS Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe State: LISTENING Local Address: COM:MICROSOFT-DS Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: COM:EPMAP Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: COM.SITECOMWL306:54891 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM.SITECOMWL306:5353 Remote Address: NA Type: UDP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: NA Local Address: COM.SITECOMWL306:SSDP Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM.SITECOMWL306:427 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM.SITECOMWL306:138 Remote Address: NA Type: UDP Process: System State: NA Local Address: COM.SITECOMWL306:NETBIOS-NS Remote Address: NA Type: UDP Process: System State: NA Local Address: COM:61466 Remote Address: NA Type: UDP Process: C:\Windows\explorer.exe State: NA Local Address: COM:58382 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:58381 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:54892 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:49156 Remote Address: NA Type: UDP Process: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe State: NA Local Address: COM:49155 Remote Address: NA Type: UDP Process: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe State: NA Local Address: COM:49154 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:49153 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:SSDP Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:58384 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:58383 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:55532 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:52291 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:49157 Remote Address: NA Type: UDP Process: C:\Program Files\Bonjour\mDNSResponder.exe State: NA Local Address: COM:49152 Remote Address: NA Type: UDP Process: C:\Windows\System32\spoolsv.exe State: NA Local Address: COM:LLMNR Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:IPSEC-MSFT Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:UPNP-DISCOVERY Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:UPNP-DISCOVERY Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:UPNP-DISCOVERY Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:UPNP-DISCOVERY Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:500 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:427 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: COM:123 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA ****************************************************************************************** ******************************************************************************************

Z góry dzięki za pomoc :wink:

**Posty:** 2183 · przez **NieWiem** 21 Kwi 2011, 14:31

Zamiast SysProt daj mi loga z IceSword:

Pobierz Iceswords
STĄD
Zapisz i wypakuj do folderu na Pulpicie.

Jeśli zobaczysz mnóstwo wpisów oznaczonych na czerwono w logu - nie podejmuj akcji!

Uruchom Icesword
kliknij Processes - zapisz PathName procesów oznaczonych na czerwono (jeśli są) po czym u góry kliknij LOG i zapisz to do pliku.
kliknij Win32 Services - zapisz ModuleName usług zaznaczonych na czerwono (jeśli są), po czym u góry kliknij LOG i zapisz to do pliku.
Kliknij Startup - zapisz Path wpisów oznaczonych na czerwono, po czym u góry kliknij LOG i zapisz to do pliku.
Kliknij Kernel Module - zapisz nazwę wpisów czerwonych, po czym u góry kliknij LOG i zapisz to do pliku.
Kliknij SSDT - sprawdź czy są czerwone wpisy. Jeśli są - przepisz ich KModule Name.

Całość informacji spakuj, wrzuć na www.speedyshare.com i daj mi linka do paczki.

Aczkolwiek tak wprost nie widzę nic bardzo ciekawego, oprócz jakichś drobnych śmieci przeglądarkowych...

No i to:

BHO: (SeeToo for Justin.tv Toolbar)

**Posty:** 256 · przez **pawel1979** 21 Kwi 2011, 18:30

Nie mogę tego uruchomić taki błąd jak poniżej:

**Posty:** 18165 · przez **wojtas** 24 Kwi 2011, 11:41

odinstaluj śmieci:

Akamai NetSession Interface, Ask Toolbar,Bing Bar, SeeToo_for_Justin.tv Toolbar, Przyspiesz Komputer

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
SRV - [2011-03-30 22:07:31 | 003,229,784 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_a35e6b9.dll -- (Akamai)
IE - HKLM\..\URLSearchHook: {c0766b46-82cf-4d08-b47e-a4b85928028b} - C:\Program Files\SeeToo_for_Justin.tv\tbSee1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\..\URLSearchHook: {c0766b46-82cf-4d08-b47e-a4b85928028b} - C:\Program Files\SeeToo_for_Justin.tv\tbSee1.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q="
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q="
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-148305267-3469724838-3929971888-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKU\S-1-5-21-148305267-3469724838-3929971888-1000..\Run: [AdobeBridge] File not found
O16 - DPF: Justin.tv Publisher http://www.justin.tv/plugins/justintv_publisher.CAB (Reg Error: Key error.)

:Files
C:\Windows\tasks\*.job
C:\Users\Pawel\AppData\Local\*.html

:Commands
[emptytemp]
[emptyflash]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie).