[code] OTS logfile created on: 2011-02-21 18:46:32 - Run 3 OTS by OldTimer - Version 3.1.41.4 Folder = C:\Users\Intel\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 61,06 Gb Total Space | 18,66 Gb Free Space | 30,56% Space Free | Partition Type: NTFS Drive D: | 87,89 Gb Total Space | 69,54 Gb Free Space | 79,12% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: INTEL-KOMPUTER Current User Name: Intel Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\Intel\Downloads\OTS.exe -> [2011-02-21 17:09:51 | 000,642,560 | ---- | M] (OldTimer Tools) realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2011-01-20 07:37:17 | 000,180,269 | ---- | M] (RealNetworks, Inc.) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2010-12-03 20:58:04 | 000,912,344 | ---- | M] (Mozilla Corporation) plugin-container.exe -> C:\Program Files\Mozilla Firefox\plugin-container.exe -> [2010-12-03 20:58:04 | 000,016,856 | ---- | M] (Mozilla Corporation) msseces.exe -> C:\Program Files\Microsoft Security Client\msseces.exe -> [2010-11-30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) atieclxx.exe -> C:\Windows\System32\atieclxx.exe -> [2010-11-26 03:54:28 | 000,393,216 | ---- | M] (AMD) atiesrxx.exe -> C:\Windows\System32\atiesrxx.exe -> [2010-11-26 03:54:00 | 000,176,128 | ---- | M] (AMD) msmpeng.exe -> C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) dtlite.exe -> C:\Program Files\DAEMON Tools Lite\DTLite.exe -> [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) sppsvc.exe -> C:\Windows\System32\sppsvc.exe -> [2009-07-14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) explorer.exe -> C:\Windows\explorer.exe -> [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) exproelauncher.exe -> C:\Program Files\ivo\Expressivo\integr\OutlookExpress\ExprOElauncher.exe -> [2009-04-28 08:50:24 | 000,086,016 | ---- | M] (Nektra S.A.) [Modules - Safe List] ots.exe -> C:\Users\Intel\Downloads\OTS.exe -> [2011-02-21 17:09:51 | 000,642,560 | ---- | M] (OldTimer Tools) sspicli.dll -> C:\Windows\System32\sspicli.dll -> [2009-07-14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) sechost.dll -> C:\Windows\System32\sechost.dll -> [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) profapi.dll -> C:\Windows\System32\profapi.dll -> [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) kernelbase.dll -> C:\Windows\System32\KernelBase.dll -> [2009-07-14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) dwmapi.dll -> C:\Windows\System32\dwmapi.dll -> [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) devobj.dll -> C:\Windows\System32\devobj.dll -> [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) cryptbase.dll -> C:\Windows\System32\cryptbase.dll -> [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) cfgmgr32.dll -> C:\Windows\System32\cfgmgr32.dll -> [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll -> [2009-07-14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (AMD External Events Utility) AMD External Events Utility [Auto | Running] -> C:\Windows\System32\atiesrxx.exe -> [2010-11-26 03:54:00 | 000,176,128 | ---- | M] (AMD) (NisSrv) Inspekcja sieci firmy Microsoft [On_Demand | Stopped] -> C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -> [2010-11-11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) (MsMpSvc) Microsoft Antimalware Service [Auto | Running] -> C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) (WwanSvc) Automatyczne konfigurowanie bezprzewodowej sieci WAN [On_Demand | Stopped] -> C:\Windows\System32\wwansvc.dll -> [2009-07-14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) (WbioSrvc) Usługa biometryczna systemu Windows [On_Demand | Stopped] -> C:\Windows\System32\wbiosrvc.dll -> [2009-07-14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) (Power) Zasilanie [Auto | Running] -> C:\Windows\System32\umpo.dll -> [2009-07-14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) (Themes) Kompozycje [Auto | Running] -> C:\Windows\System32\themeservice.dll -> [2009-07-14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) (sppuinotify) Usługa powiadomień SPP [On_Demand | Stopped] -> C:\Windows\System32\sppuinotify.dll -> [2009-07-14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) (RpcEptMapper) Program mapowania punktów końcowych wywołań RPC [Unknown | Running] -> C:\Windows\System32\RpcEpMap.dll -> [2009-07-14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) (SensrSvc) Jasność adaptacyjna [On_Demand | Stopped] -> C:\Windows\System32\sensrsvc.dll -> [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) (PeerDistSvc) BranchCache [On_Demand | Stopped] -> C:\Windows\System32\PeerDistSvc.dll -> [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) (PNRPsvc) Protokół rozpoznawania nazw równorzędnych [On_Demand | Running] -> C:\Windows\System32\pnrpsvc.dll -> [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) (p2pimsvc) Menedżer tożsamości sieci równorzędnej [On_Demand | Running] -> C:\Windows\System32\pnrpsvc.dll -> [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) (HomeGroupProvider) Dostawca grupy domowej [On_Demand | Running] -> C:\Windows\System32\provsvc.dll -> [2009-07-14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) (PNRPAutoReg) Usługa publikowania nazw komputerów PNRP [On_Demand | Stopped] -> C:\Windows\System32\pnrpauto.dll -> [2009-07-14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) (WinDefend) Windows Defender [Disabled | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) (HomeGroupListener) Usługa nasłuchująca grup domowych [On_Demand | Running] -> C:\Windows\System32\ListSvc.dll -> [2009-07-14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) (FontCache) Usług systemu Windows buforowania czcionek [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009-07-14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) (Dhcp) Klient DHCP [Auto | Running] -> C:\Windows\System32\dhcpcore.dll -> [2009-07-14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) (defragsvc) Defragmentator dysków [On_Demand | Stopped] -> C:\Windows\System32\defragsvc.dll -> [2009-07-14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) (BDESVC) Usługa szyfrowania dysków funkcją BitLocker [Unknown | Stopped] -> C:\Windows\System32\bdesvc.dll -> [2009-07-14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) (AxInstSV) Instalator formantów ActiveX (AxInstSV) [On_Demand | Stopped] -> C:\Windows\System32\AxInstSv.dll -> [2009-07-14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) (AppIDSvc) Tożsamość aplikacji [On_Demand | Stopped] -> C:\Windows\System32\appidsvc.dll -> [2009-07-14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) (sppsvc) Ochrona oprogramowania [Auto | Running] -> C:\Windows\System32\sppsvc.exe -> [2009-07-14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (MpKslc7df9e5f) MpKslc7df9e5f [Kernel | System | Running] -> C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7B2675EB-B623-4AC0-9A8F-62A7FD1E5DC8}\MpKslc7df9e5f.sys -> [2011-02-21 18:42:12 | 000,028,752 | ---- | M] (Microsoft Corporation) (MpKsl672d9fb7) MpKsl672d9fb7 [Kernel | System | Running] -> C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7B2675EB-B623-4AC0-9A8F-62A7FD1E5DC8}\MpKsl672d9fb7.sys -> [2011-02-21 15:12:38 | 000,028,752 | ---- | M] (Microsoft Corporation) (sptd) sptd [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\sptd.sys -> [2011-01-19 16:46:13 | 000,691,696 | ---- | M] () (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\RTKVHDA.sys -> [2010-12-30 11:59:18 | 003,351,208 | ---- | M] (Realtek Semiconductor Corp.) (amdkmdag) amdkmdag [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\atikmdag.sys -> [2010-11-26 05:19:20 | 006,650,368 | ---- | M] (ATI Technologies Inc.) (amdkmdap) amdkmdap [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\atikmpag.sys -> [2010-11-26 03:16:26 | 000,231,936 | ---- | M] (Advanced Micro Devices, Inc.) (AtiHDAudioService) ATI Function Driver for HD Audio Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AtihdW73.sys -> [2010-11-17 13:04:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) (NisDrv) Microsoft Network Inspection System [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\NisDrvWFP.sys -> [2010-10-24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) (MpNWMon) Microsoft Malware Protection Network Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\MpNWMon.sys -> [2010-10-24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) (cmdide) cmdide [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\cmdide.sys -> [2009-07-14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) (adpahci) adpahci [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\adpahci.sys -> [2009-07-14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) (adp94xx) adp94xx [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\adp94xx.sys -> [2009-07-14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) (amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\amdsbs.sys -> [2009-07-14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) (adpu320) adpu320 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\adpu320.sys -> [2009-07-14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) (arcsas) arcsas [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\arcsas.sys -> [2009-07-14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) (amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\amdsata.sys -> [2009-07-14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) (arc) arc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\arc.sys -> [2009-07-14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) (amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\amdxata.sys -> [2009-07-14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) (aliide) aliide [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\aliide.sys -> [2009-07-14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) (nvstor) nvstor [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\nvstor.sys -> [2009-07-14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) (nvraid) nvraid [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\nvraid.sys -> [2009-07-14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) (nfrd960) nfrd960 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\nfrd960.sys -> [2009-07-14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) (LSI_SAS) LSI_SAS [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\lsi_sas.sys -> [2009-07-14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) (iaStorV) iaStorV [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\iaStorV.sys -> [2009-07-14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) (MegaSR) MegaSR [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\MegaSR.sys -> [2009-07-14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) (KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\ksecpkg.sys -> [2009-07-14 02:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) (LSI_SCSI) LSI_SCSI [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\lsi_scsi.sys -> [2009-07-14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) (LSI_FC) LSI_FC [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\lsi_fc.sys -> [2009-07-14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) (LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\lsi_sas2.sys -> [2009-07-14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) (iirsp) iirsp [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\iirsp.sys -> [2009-07-14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) (megasas) megasas [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\megasas.sys -> [2009-07-14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) (hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\hwpolicy.sys -> [2009-07-14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) (elxstor) elxstor [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\elxstor.sys -> [2009-07-14 02:20:28 | 000,453,712 | ---- | M] (Emulex) (aic78xx) aic78xx [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\djsvs.sys -> [2009-07-14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) (HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\HpSAMD.sys -> [2009-07-14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) (FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\fsdepends.sys -> [2009-07-14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) (vsmraid) vsmraid [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vsmraid.sys -> [2009-07-14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) (vmbus) Magistrala maszyny wirtualnej [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vmbus.sys -> [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) (vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vhdmp.sys -> [2009-07-14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) (storflt) Sterownik filtru przyspieszania magistrali dyskowej maszyny wirtualnej [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\vmstorfl.sys -> [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) (vdrvroot) Sterownik modułu wyliczającego dysku wirtualnego Microsoft [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\vdrvroot.sys -> [2009-07-14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) (storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\storvsc.sys -> [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) (WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\wimmount.sys -> [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) (viaide) viaide [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\viaide.sys -> [2009-07-14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) (ql2300) ql2300 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ql2300.sys -> [2009-07-14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) (rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\System32\drivers\rdyboost.sys -> [2009-07-14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) (ql40xx) ql40xx [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ql40xx.sys -> [2009-07-14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) (SiSRaid4) SiSRaid4 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\sisraid4.sys -> [2009-07-14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) (pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\pcw.sys -> [2009-07-14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) (SiSRaid2) SiSRaid2 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\SiSRaid2.sys -> [2009-07-14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) (stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\stexstor.sys -> [2009-07-14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) (CNG) CNG [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\cng.sys -> [2009-07-14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) (Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\Brserid.sys -> [2009-07-14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) (rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\rdpbus.sys -> [2009-07-14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) (RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\System32\drivers\RDPREFMP.sys -> [2009-07-14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) (RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\agilevpn.sys -> [2009-07-14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) (WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\System32\drivers\wfplwf.sys -> [2009-07-14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) (NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ndiscap.sys -> [2009-07-14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) (vwifibus) Sterownik wirtualnej magistrali WiFi [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\vwifibus.sys -> [2009-07-14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) (1394ohci) 1394 OHCI Compliant Host Controller [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\1394ohci.sys -> [2009-07-14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) (UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\umpass.sys -> [2009-07-14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) (mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mshidkmdf.sys -> [2009-07-14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) (MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\MTConfig.sys -> [2009-07-14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) (CompositeBus) Sterownik modułu wyliczającego magistrali kompozytowej [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\CompositeBus.sys -> [2009-07-14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) (AppID) Sterownik AppID [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\appid.sys -> [2009-07-14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) (scfilter) Sterownik filtru klas karty inteligentnej PnP [Kernel | Unknown | Stopped] -> C:\Windows\System32\drivers\scfilter.sys -> [2009-07-14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) (s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vms3cap.sys -> [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) (VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\VMBusHID.sys -> [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) (discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\System32\drivers\discache.sys -> [2009-07-14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) (AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\acpipmi.sys -> [2009-07-14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) (AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\amdppm.sys -> [2009-07-14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) (hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\hcw85cir.sys -> [2009-07-13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\BrUsbMdm.sys -> [2009-07-13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) (BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\BrUsbSer.sys -> [2009-07-13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) (BrSerWdm) Brother WDM Serial driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\BrSerWdm.sys -> [2009-07-13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) (BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\BrFiltLo.sys -> [2009-07-13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) (BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\BrFiltUp.sys -> [2009-07-13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) (RTL8167) Sterownik Realtek 8167 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Rt86win7.sys -> [2009-07-13 23:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) (b57nd60x) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\b57nd60x.sys -> [2009-07-13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) (ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\evbdx.sys -> [2009-07-13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) (b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\bxvbdx.sys -> [2009-07-13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) (SCDEmu) SCDEmu [Kernel | System | Running] -> C:\Windows\System32\drivers\scdemu.sys -> [2008-03-14 07:04:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\] > -> -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\: Main\\"Start Page" -> about:blank -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Users\Intel\AppData\Roaming\Mozilla\FireFox\Profiles\jceikm04.default\prefs.js -> browser.search.openintab -> true -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "http://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official" -> extensions.enabledItems -> expressivo@expressivo.com:1.0 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 -> extensions.enabledItems -> {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4 -> extensions.enabledItems -> {097d3191-e6fa-4728-9826-b533d755359d}:0.7.12 -> network.proxy.backup.ftp -> "127.0.0.1" -> network.proxy.backup.ftp_port -> 9666 -> network.proxy.backup.gopher -> "127.0.0.1" -> network.proxy.backup.gopher_port -> 9666 -> network.proxy.backup.socks -> "127.0.0.1" -> network.proxy.backup.socks_port -> 9666 -> network.proxy.backup.ssl -> "127.0.0.1" -> network.proxy.backup.ssl_port -> 9666 -> network.proxy.ftp -> "127.0.0.1" -> network.proxy.ftp_port -> 9666 -> network.proxy.gopher -> "127.0.0.1" -> network.proxy.gopher_port -> 9666 -> network.proxy.http -> "127.0.0.1" -> network.proxy.http_port -> 9666 -> network.proxy.share_proxy_settings -> true -> network.proxy.socks -> "127.0.0.1" -> network.proxy.socks_port -> 9666 -> network.proxy.ssl -> "127.0.0.1" -> network.proxy.ssl_port -> 9666 -> network.proxy.type -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011-02-19 23:48:37 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2011-02-19 23:48:25 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\Intel\AppData\Roaming\mozilla\Extensions -> [2011-02-19 23:48:49 | 000,000,000 | ---D | M] -> C:\Users\Intel\AppData\Roaming\mozilla\Firefox\Profiles\jceikm04.default\extensions -> [2011-02-21 18:42:34 | 000,000,000 | ---D | M] All-in-One Sidebar -> C:\Users\Intel\AppData\Roaming\mozilla\Firefox\Profiles\jceikm04.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d} -> [2011-02-21 15:15:53 | 000,000,000 | ---D | M] No name found -> C:\Users\Intel\AppData\Roaming\mozilla\Firefox\Profiles\jceikm04.default\extensions\{5c81f57f-3cf7-4785-b4ef-11ace31aec4f} -> [2011-02-21 18:40:05 | 000,000,000 | ---D | M] Bigpoint Games PL Community Toolbar -> C:\Users\Intel\AppData\Roaming\mozilla\Firefox\Profiles\jceikm04.default\extensions\{5c81f57f-3cf7-4785-b4ef-11ace31aec4f}-trash -> [2011-02-21 18:40:05 | 000,000,000 | ---D | M] Adblock Plus -> C:\Users\Intel\AppData\Roaming\mozilla\Firefox\Profiles\jceikm04.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2011-02-21 15:09:48 | 000,000,000 | ---D | M] "Tab Mix Plus" -> C:\Users\Intel\AppData\Roaming\mozilla\Firefox\Profiles\jceikm04.default\extensions\{dc572301-7619-498c-a57d-39143191b318} -> [2011-02-21 15:15:53 | 000,000,000 | ---D | M] -> C:\Users\Intel\AppData\Roaming\mozilla\Firefox\Profiles\jceikm04.default\extensions\engine@conduit.com -> [2011-02-21 18:39:44 | 000,000,000 | ---D | M] -> C:\Users\Intel\AppData\Roaming\mozilla\Firefox\Profiles\jceikm04.default\extensions\engine@conduit.com-trash -> [2011-02-21 18:40:05 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2011-02-21 18:42:34 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} -> [2011-01-21 12:14:09 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} -> [2011-01-23 09:18:28 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} -> [2011-02-16 20:50:38 | 000,000,000 | ---D | M] Expressivo Toolbar for Firefox -> C:\PROGRAM FILES\IVO\EXPRESSIVO\INTEGR\IH-FFOX -> [2011-01-31 12:03:11 | 000,000,000 | ---D | M] < HOSTS File > ([2009-06-10 22:39:37 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\System32\drivers\etc\hosts -> Reset Hosts < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {85F685C3-20D9-4943-95E4-EB4224056C3F} [HKLM] -> C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll [Expressivo] -> [2008-09-19 13:19:16 | 000,352,256 | ---- | M] (IVO Software Sp. z o.o.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"] -> [2011-01-30 16:45:14 | 000,035,736 | ---- | M] (Adobe Systems Incorporated) "MSC" -> C:\Program Files\Microsoft Security Client\msseces.exe ["C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2010-11-30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) "StartCCC" -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2010-11-25 21:40:36 | 000,336,384 | ---- | M] (Advanced Micro Devices, Inc.) "TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2011-01-20 07:37:17 | 000,180,269 | ---- | M] (RealNetworks, Inc.) < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\System32\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> [2009-07-14 02:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\System32\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> [2009-07-14 02:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\] > -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DAEMON Tools Lite" -> C:\Program Files\DAEMON Tools Lite\DTLite.exe ["C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) "ExprOElauncher" -> C:\Program Files\ivo\Expressivo\integr\OutlookExpress\ExprOElauncher.exe [C:\Program Files\ivo\Expressivo\integr\OutlookExpress\ExprOElauncher.exe] -> [2009-04-28 08:50:24 | 000,086,016 | ---- | M] (Nektra S.A.) < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [0] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found \\"EnableLUA" -> [0] -> File not found \\"PromptOnSecureDesktop" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001] > -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\] > -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\] > -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.0.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {D2C70D3B-0552-4267-B2D2-063FF8169955}\\DhcpNameServer -> 192.168.0.1 (Karta Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009-07-14 02:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> pku2u -> C:\Windows\System32\pku2u.dll -> [2009-07-14 02:16:12 | 000,186,880 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Sterownik stacji dysków CD-ROM -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{e4db6b11-23e3-11e0-bff7-001d7da1aa1c} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4db6b11-23e3-11e0-bff7-001d7da1aa1c}\shell \{e4db6b11-23e3-11e0-bff7-001d7da1aa1c}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4db6b11-23e3-11e0-bff7-001d7da1aa1c}\shell\AutoRun\command \{e4db6b11-23e3-11e0-bff7-001d7da1aa1c}\shell\AutoRun\command\\"" -> [L:\StartUp.exe] -> File not found \{e4db6b14-23e3-11e0-bff7-001d7da1aa1c} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4db6b14-23e3-11e0-bff7-001d7da1aa1c}\shell \{e4db6b14-23e3-11e0-bff7-001d7da1aa1c}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4db6b14-23e3-11e0-bff7-001d7da1aa1c}\shell\AutoRun\command \{e4db6b14-23e3-11e0-bff7-001d7da1aa1c}\shell\AutoRun\command\\"" -> [M:\AUTORUN.EXE] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Program Files\Java\jre6\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2011-02-02 23:15:30 | 000,278,528 | ---- | M] (Sun Microsystems, Inc.) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {73FA19D0-2D75-11D2-995D-00C04F98BBC9} [StubPath] -> [(default): Foldery w sieci Web; IsInstalled: 1] -> {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {7C028AF8-F614-47B3-82DA-BA94E41B1089} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\Windows\System32\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> C:\Windows\System32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\] > -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {73FA19D0-2D75-11D2-995D-00C04F98BBC9} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 7zFM.exe -> C:\Program Files\7-Zip\7zFM.exe [C:\Program Files\7-Zip\7zFM.exe] -> [2010-11-18 17:09:00 | 000,421,888 | ---- | M] (Igor Pavlov) AcroRd32.exe -> C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe [C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe] -> [2011-01-30 16:45:14 | 001,306,008 | ---- | M] (Adobe Systems Incorporated) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found dvdmaker.exe -> C:\Program Files\DVD Maker\DVDMaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> [2009-07-14 02:14:19 | 001,971,200 | ---- | M] (Microsoft Corporation) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe] -> [2010-12-03 20:58:04 | 000,912,344 | ---- | M] (Mozilla Corporation) install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found ipla.exe -> C:\Program Files\ipla\ipla.exe [C:\Program Files\ipla\ipla.exe] -> [2010-11-15 13:56:56 | 018,633,728 | ---- | M] (Redefine Sp z o.o.) javaws.exe -> C:\Program Files\Java\jre6\bin\javaws.exe [C:\Program Files\Java\jre6\bin\javaws.exe] -> [2011-02-02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) Journal.exe -> C:\Program Files\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> [2009-07-14 02:14:22 | 001,785,344 | ---- | M] (Microsoft Corporation) mbam.exe -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe] -> [2010-12-20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) migwiz.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found pbrush.exe -> C:\Windows\System32\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009-07-14 02:14:26 | 006,376,960 | ---- | M] (Microsoft Corporation) Post Mortem.exe -> d:\Program Files\Microids\Post Mortem\Post Mortem.exe [d:\Program Files\Microids\Post Mortem\Post Mortem.exe] -> [2003-05-22 23:28:22 | 000,045,056 | ---- | M] (Microids Canada) PowerShell.exe -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009-07-14 02:14:24 | 000,452,608 | ---- | M] (Microsoft Corporation) RealPlay.exe -> C:\Program Files\Real\RealPlayer\realplay.exe [C:\Program Files\Real\RealPlayer\realplay.exe] -> [2011-01-20 07:37:18 | 000,208,941 | ---- | M] (RealNetworks, Inc.) rnxproc.exe -> C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe [C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe] -> [2011-01-20 07:37:17 | 000,053,291 | ---- | M] (RealNetworks, Inc.) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found SnippingTool.exe -> C:\Windows\System32\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> [2009-07-14 02:14:39 | 000,396,288 | ---- | M] (Microsoft Corporation) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found wab.exe -> C:\Program Files\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009-07-14 02:14:44 | 000,516,096 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009-07-14 02:14:44 | 000,065,536 | ---- | M] (Microsoft Corporation) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2010-03-15 11:26:37 | 001,046,016 | ---- | M] (Alexander Roshal) WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009-07-14 02:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009-07-14 02:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation) < Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{0561EC90-CE54-4f0c-9C55-E226110A740C}" [HKLM] -> [Haali Column Provider] -> File not found "{09A47860-11B0-4DA5-AFA5-26D86198A780}" [HKLM] -> C:\Program Files\Microsoft Security Client\shellext.dll [EPP] -> [2010-11-30 13:20:42 | 000,300,616 | ---- | M] (Microsoft Corporation) "{23170F69-40C1-278A-1000-000100020000}" [HKLM] -> C:\Program Files\7-Zip\7-zip.dll [7-Zip Shell Extension] -> [2010-11-18 17:08:12 | 000,055,808 | ---- | M] (Igor Pavlov) "{327669A0-59A7-4be9-B99E-1C9F3A57611A}" [HKLM] -> [Haali Matroska Thumbnail Extractor] -> File not found "{5574006C-28F5-4a65-A28C-74DE6BFBE0BB}" [HKLM] -> [Haali Matroska Shell Property Page] -> File not found "{5E2121EE-0300-11D4-8D3B-444553540000}" [HKLM] -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [Catalyst Context Menu extension] -> [2010-11-25 21:42:30 | 000,654,336 | ---- | M] (Advanced Micro Devices, Inc.) "{80009818-f38f-4af1-87b5-eadab9433e58}" [HKLM] -> C:\Windows\System32\mf.dll [MF ADTS Property Handler] -> [2009-07-14 02:15:38 | 003,177,984 | ---- | M] (Microsoft Corporation) "{872A9397-E0D6-4e28-B64D-52B8D0A7EA35}" [HKLM] -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll [Display CPL Extension] -> [2010-11-25 21:41:42 | 000,467,968 | ---- | M] (Advanced Micro Devices, Inc.) "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" [HKLM] -> C:\Program Files\PowerISO\PWRISOSH.DLL [PowerISO] -> [2008-03-15 00:52:17 | 000,221,184 | ---- | M] (PowerISO Computing, Inc.) "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\RarExt.dll [WinRAR shell extension] -> [2010-03-15 11:28:22 | 000,142,336 | ---- | M] (Alexander Roshal) "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" [HKLM] -> C:\Program Files\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> [2011-01-20 07:37:19 | 000,049,198 | ---- | M] (RealNetworks, Inc.) < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "vidc.cvid" -> C:\Windows\System32\iccvid.dll [iccvid.dll] -> [2009-07-14 02:15:26 | 000,082,944 | ---- | M] (Radius Inc.) < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\Windows\System32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2010-10-22 13:05:24 | 000,213,272 | ---- | M] (Adobe Systems, Inc.) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\Windows\System32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2010-10-22 13:05:24 | 000,213,272 | ---- | M] (Adobe Systems, Inc.) {3760D689-C63B-4422-9A1D-31CA856CD5C1} [HKLM] -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.4.dll [GGClass Class] -> [2010-12-16 06:19:28 | 000,406,112 | ---- | M] (GG Network S.A.) {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\System32\oleprn.dll [oleprn Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\System32\oleprn.dll [DSPrintQueue Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\System32\oleprn.dll [OleSNMP Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011-02-02 21:40:27 | 000,108,320 | ---- | M] (Sun Microsystems, Inc.) {65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\System32\oleprn.dll [OleCvt Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\System32\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009-07-14 02:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\System32\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009-07-14 02:14:13 | 000,067,072 | ---- | M] (Microsoft Corporation) {884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\System32\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009-07-14 02:15:01 | 001,320,960 | ---- | M] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_24] -> [2011-02-02 21:40:27 | 000,112,416 | ---- | M] () {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\System32\RegCtrl.dll [Registration Control] -> [2009-07-14 02:16:13 | 000,041,472 | ---- | M] (Microsoft Corporation) {92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\System32\oleprn.dll [prturl Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\System32\msnetobj.dll [RMGetLicense Class] -> [2009-07-14 02:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation) {C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\System32\oleprn.dll [OleInstall Class] -> [2009-07-14 02:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2011-01-30 16:45:14 | 000,702,864 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_24] -> [2011-02-02 21:40:27 | 000,112,416 | ---- | M] () {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_24] -> [2011-02-02 21:40:27 | 000,112,416 | ---- | M] () {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_24] -> [2011-02-02 21:40:27 | 000,112,416 | ---- | M] () {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\System32\deployJava1.dll [Deployment Toolkit] -> [2011-02-02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Windows\System32\deployJava1.dll [Deployment Toolkit] -> [2011-02-02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> C:\Windows\System32\rmoc3260.dll [RealPlayer G2 Control] -> [2008-09-10 20:56:28 | 000,185,920 | ---- | M] (RealNetworks, Inc.) {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10l.ocx [Shockwave Flash Object] -> [2011-01-19 15:09:49 | 006,071,760 | R--- | M] (Adobe Systems, Inc.) < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {85F685C3-20D9-4943-95E4-EB4224056C3F} [HKLM] -> C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll [Expressivo] -> [2008-09-19 13:19:16 | 000,352,256 | ---- | M] (IVO Software Sp. z o.o.) {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10l.ocx [Shockwave Flash Object] -> [2011-01-19 15:09:49 | 006,071,760 | R--- | M] (Adobe Systems, Inc.) < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {2333EB16-E7A7-4DA8-A5B8-5F2F82A3D9A3} [HKLM] -> C:\Program Files\ipla\iplamk.ocx [Iplamk Control] -> [2010-02-17 17:35:08 | 000,285,944 | ---- | M] (Redefine sp. z.o.o) {3760D689-C63B-4422-9A1D-31CA856CD5C1} [HKLM] -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.4.dll [GGClass Class] -> [2010-12-16 06:19:28 | 000,406,112 | ---- | M] (GG Network S.A.) {85F685C3-20D9-4943-95E4-EB4224056C3F} [HKLM] -> C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll [Expressivo] -> [2008-09-19 13:19:16 | 000,352,256 | ---- | M] (IVO Software Sp. z o.o.) {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10l.ocx [Shockwave Flash Object] -> [2011-01-19 15:09:49 | 006,071,760 | R--- | M] (Adobe Systems, Inc.) < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .cpl [@ = cplfile] -> C:\Windows\System32\control.exe -> [2009-07-14 02:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation) .exe [@ = exefile] -> "%1" %* -> .hlp [@ = hlpfile] -> C:\Windows\winhlp32.exe -> [2009-07-14 02:14:45 | 000,009,728 | ---- | M] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\SOFTWARE\Classes\\ -> .html [@ = FirefoxHTML] -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2010-12-03 20:58:04 | 000,912,344 | ---- | M] (Mozilla Corporation) < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> FastUserSwitchingCompatibility -> -> File not found Ias -> -> File not found Nla -> -> File not found Ntmssvc -> -> File not found NWCWorkstation -> -> File not found Nwsapagent -> -> File not found SRService -> -> File not found WmdmPmSp -> -> File not found LogonHours -> -> File not found PCAudit -> -> File not found helpsvc -> -> File not found uploadmgr -> -> File not found Themes -> C:\Windows\System32\themeservice.dll -> [2009-07-14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) BDESVC -> C:\Windows\System32\bdesvc.dll -> [2009-07-14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> Service MsMpSvc -> C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) NTDS -> -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group Power -> C:\Windows\System32\umpo.dll -> [2009-07-14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) Primary disk -> Driver Group RpcEptMapper -> C:\Windows\System32\RpcEpMap.dll -> [2009-07-14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) sacsvr -> Service SCSI Class -> Driver Group System Bus Extender -> Driver Group vmms -> Service WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group Dhcp -> C:\Windows\System32\dhcpcore.dll -> [2009-07-14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) File system -> Driver Group Filter -> Driver Group HelpSvc -> Service Messenger -> Service MsMpSvc -> C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2010-11-11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) NDIS Wrapper -> Driver Group ndiscap -> C:\Windows\System32\drivers\ndiscap.sys -> [2009-07-14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group NTDS -> -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Power -> C:\Windows\System32\umpo.dll -> [2009-07-14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) Primary disk -> Driver Group rdsessmgr -> Service RpcEptMapper -> C:\Windows\System32\RpcEpMap.dll -> [2009-07-14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) sacsvr -> Service SCSI Class -> Driver Group Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group vmms -> Service WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) WudfUsbccidDriver -> Driver < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"cval" -> [1] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc \Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found \Svc\\"AntiVirusOverride" -> [0] -> File not found \Svc\\"AntiSpywareOverride" -> [0] -> File not found \Svc\\"FirewallOverride" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> < Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile \\"DisableNotifications" -> [0] -> File not found \\"EnableFirewall" -> [1] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging\ -> -> < Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"DisableNotifications" -> [0] -> File not found \\"EnableFirewall" -> [1] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> < Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> *BootExecute* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute -> autocheck autochk * -> -> File not found *MultiFile Done* -> -> "ExcludeFromKnownDlls" -> [binary data] -> *ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2011-01-25 10:04:26 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> < Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> "ComSpec" -> C:\Windows\System32\cmd.exe -> [2009-07-14 02:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) "TEMP" -> C:\Windows\Temp -> [2011-02-21 18:43:09 | 000,000,000 | ---D | M] "TMP" -> C:\Windows\Temp -> [2011-02-21 18:43:09 | 000,000,000 | ---D | M] "windir" -> C:\Windows -> [2011-01-25 10:04:26 | 000,000,000 | ---D | M] *Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32 -> C:\Windows\System32 -> [2011-02-21 18:46:21 | 000,000,000 | ---D | M] %SystemRoot% -> C:\Windows -> [2011-01-25 10:04:26 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\Windows\System32\wbem -> [2011-01-19 09:32:38 | 000,000,000 | ---D | M] %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\System32\WindowsPowerShell\v1.0\ -> [2009-07-14 05:56:47 | 000,000,000 | ---D | M] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static -> [2011-01-19 10:08:40 | 000,000,000 | ---D | M] *MultiFile Done* -> -> *PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> .COM -> -> File not found .EXE -> -> File not found .BAT -> -> File not found .CMD -> -> File not found .VBS -> -> File not found .VBE -> -> File not found .JS -> -> File not found .JSE -> -> File not found .WSF -> -> File not found .WSH -> -> File not found .MSC -> -> File not found *MultiFile Done* -> -> < Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> < Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> "advapi32" -> C:\Windows\System32\advapi32.dll -> [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) "clbcatq" -> C:\Windows\System32\clbcatq.dll -> [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) "COMDLG32" -> C:\Windows\System32\comdlg32.dll -> [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) "DifxApi" -> C:\Windows\System32\difxapi.dll -> [2009-07-14 02:15:11 | 000,315,904 | ---- | M] (Microsoft Corporation) "DllDirectory" -> C:\Windows\System32 -> [2011-02-21 18:46:21 | 000,000,000 | ---D | M] "gdi32" -> C:\Windows\System32\gdi32.dll -> [2009-07-14 02:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) "IERTUTIL" -> C:\Windows\System32\iertutil.dll -> [2009-07-14 02:15:28 | 002,058,240 | ---- | M] (Microsoft Corporation) "IMAGEHLP" -> C:\Windows\System32\imagehlp.dll -> [2009-07-14 02:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) "IMM32" -> C:\Windows\System32\imm32.dll -> [2009-07-14 02:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) "kernel32" -> C:\Windows\System32\kernel32.dll -> [2009-07-14 02:15:35 | 000,857,088 | ---- | M] (Microsoft Corporation) "LPK" -> C:\Windows\System32\lpk.dll -> [2009-07-14 02:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) "MSCTF" -> C:\Windows\System32\msctf.dll -> [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) "MSVCRT" -> C:\Windows\System32\msvcrt.dll -> [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) "NORMALIZ" -> C:\Windows\System32\normaliz.dll -> [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) "NSI" -> C:\Windows\System32\nsi.dll -> [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) "ole32" -> C:\Windows\System32\ole32.dll -> [2009-07-14 02:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) "OLEAUT32" -> C:\Windows\System32\oleaut32.dll -> [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) "PSAPI" -> C:\Windows\System32\psapi.dll -> [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) "rpcrt4" -> C:\Windows\System32\rpcrt4.dll -> [2009-07-14 02:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) "sechost" -> C:\Windows\System32\sechost.dll -> [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) "Setupapi" -> C:\Windows\System32\setupapi.dll -> [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) "SHELL32" -> C:\Windows\System32\shell32.dll -> [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "SHLWAPI" -> C:\Windows\System32\shlwapi.dll -> [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) "URLMON" -> C:\Windows\System32\urlmon.dll -> [2009-07-14 02:16:17 | 001,224,704 | ---- | M] (Microsoft Corporation) "user32" -> C:\Windows\System32\user32.dll -> [2009-07-14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) "USP10" -> C:\Windows\System32\usp10.dll -> [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) "WININET" -> C:\Windows\System32\wininet.dll -> [2009-07-14 02:16:19 | 000,977,920 | ---- | M] (Microsoft Corporation) "WLDAP32" -> C:\Windows\System32\Wldap32.dll -> [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) "WS2_32" -> C:\Windows\System32\ws2_32.dll -> [2009-07-14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009-07-14 02:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation) exefile [open] -> "%1" %* -> hlpfile [open] -> %SystemRoot%\winhlp32.exe %1 -> [2009-07-14 02:14:45 | 000,009,728 | ---- | M] (Microsoft Corporation) inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009-07-14 02:14:21 | 000,009,216 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009-07-14 02:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe -> [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {02BEB9A6-6695-F451-A98A-E08B048B5687} -> ATI Problem Report Wizard {03533053-A0DD-0A8F-F18B-388CF251929B} -> CCC Help Finnish {0446A460-E8E8-4387-9D1F-4BE9C9824F7B} -> Microsoft Antimalware Service PL-PL Language Pack {04D38795-0B33-C6FC-47C9-D85DBAF82216} -> CCC Help Norwegian {08B3869E-D282-424C-9AFC-870E04A4BA14} -> Rockstar Games Social Club {0A225245-3D91-7DD2-630D-4366FA9D7BCF} -> CCC Help Thai {0AB51E62-5AA1-5ECC-F836-F9485DD487C3} -> Catalyst Control Center Localization All {0B94CF00-3A9C-AEBF-265D-EABF6EC11CEA} -> Catalyst Control Center InstallProxy {0C0F9C71-1185-7A98-DBE3-BC26CD85352E} -> CCC Help Korean {1DC4873F-493C-F305-B55E-0FE0BBC6EFD1} -> WMV9/VC-1 Video Playback {205534F9-935B-4F67-6CA1-0356441E78F9} -> CCC Help Dutch {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 -> Media Player Classic - Home Cinema v1.4.2824.0 {26A24AE4-039D-4CA4-87B4-2F83216022FF} -> Java(TM) 6 Update 24 {2C15735B-1EBA-5719-4ADD-F457205F1BA6} -> Catalyst Control Center Graphics Previews Common {2CA51DE4-4B69-EF24-841E-32363DE7D374} -> CCC Help Japanese {2E7A3D47-285C-AA71-5F43-7AD3C45A24C1} -> CCC Help English {2FE0023B-3858-3D60-DC15-E325E7BBBCE0} -> CCC Help Greek {3C12C57B-8BD0-25E0-57C6-63DBB96AF447} -> CCC Help German {4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater {4DFF1415-4C29-44A8-BFD4-2BCE249C4991} -> SpPhones {560F47F7-EB23-44B1-AAFC-667F1CD8FE5C} -> Sp5 {579BA58C-F33D-4970-9953-B94B43768AC3} -> Grand Theft Auto IV {59E4543A-D49D-4489-B445-473D763C79AF} -> Microsoft Games for Windows - LIVE Redistributable {5CD0CFB1-3FE9-600A-36E4-03E1523C4989} -> CCC Help Swedish {625386A4-B6B6-4911-A6E8-23189C3F2D15} -> Microsoft .NET Compact Framework 2.0 SP1 {6AB57823-3580-4CE0-9CF0-072E2A39460C} -> Catalyst Control Center - Branding {6C3959C6-943E-44B3-BAAD-570B04B134E5} -> SpCommon {6E209506-FD15-E2CC-AF7E-D1B9C5C83DC3} -> CCC Help Chinese Standard {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {774088D4-0777-4D78-904D-E435B318F5D2} -> Microsoft Antimalware {77A776C4-D10F-416D-88F0-53F2D9DCD9B3} -> Microsoft Security Client {7E5B60E2-32F4-1052-8471-708EF7965167} -> Catalyst Control Center Profiles Desktop {81D34549-684B-86FC-B25F-AA948D831194} -> CCC Help Russian {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {859B9BCA-5376-4566-9F88-C6C9DAA7A925} -> Microsoft Security Client PL-PL Language Pack {90110415-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003 {9400B65A-43D5-9A1F-9A94-28126CB7F684} -> CCC Help Italian {9FF1B47E-957E-DE11-6610-799DD98BAD42} -> CCC Help Czech {A1C98C40-F126-11D6-A72A-00E07D97B509} -> Post Mortem {AB0DBC9A-422A-4888-A8E5-A32EC1779E68}_is1 -> Sunrise Seven 1.1.54 {AC76BA86-7AD7-1033-7B44-AA0000000001} -> Adobe Reader X (10.0.1) {AE1A891D-68BF-0BE5-A51D-7EF7187230D4} -> CCC Help French {C66B45D6-0A09-0F9A-39EC-06AE4B2C1DB5} -> CCC Help Portuguese {C82EB045-FD47-F4F9-2527-F0195DEE1637} -> CCC Help Danish {CDEE9257-8FEB-7BAF-B28F-C4737036D674} -> ATI Catalyst Install Manager {CE0EF487-4B1D-7800-2BCE-CC931A6DEE3E} -> CCC Help Spanish {D85DCD8F-2FED-306F-0BF4-9508722A1D92} -> CCC Help Chinese Traditional {E415C943-37E5-473F-8BAE-043C56734124} -> Sp5TTInt {EB0B4C36-0171-73BF-B119-11FE8E641F6E} -> ccc-core-static {EC048D90-85C5-9695-A647-E480D0BD4756} -> ccc-utility {F39B1FAE-1E05-E275-2594-C22F91D585F0} -> CCC Help Hungarian {F67958D5-BF91-56EF-3792-363A555155B3} -> CCC Help Polish {FD4B33E1-24AE-4535-AA7B-162B30FB57CD} -> Sp5Intl {FFE07FA8-37BD-02CB-DEBF-0B64B57C20F8} -> ATI AVIVO Codecs 7-Zip -> 7-Zip 9.20 Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Adobe Shockwave Player -> Adobe Shockwave Player 11.5 Combined Community Codec Pack_is1 -> Combined Community Codec Pack 2008-01-24 EVEREST Ultimate Edition_is1 -> EVEREST Ultimate Edition v5.50 Expressivo -> Expressivo ffdshow_is1 -> ffdshow v1.1.3631 [2010-11-15] Gadu-Gadu 10 -> Gadu-Gadu 10 Gray Matter_is1 -> Gray Matter HaftiX -> HaftiX v. 6.2.3 ipla -> ipla 2.2.1 IVONA 2 -> IVONA 2 Łatka polonizacyjna GTA IV v0.98 -> Łatka polonizacyjna GTA IV v0.98 Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Microsoft Security Client -> Microsoft Security Essentials Mozilla Firefox (3.6.13) -> Mozilla Firefox (3.6.13) NapiProjekt_is1 -> NapiProjekt 1.0.6.9 NEED FOR SPEED UNDERCOVERDigital_z present -> NEED FOR SPEED UNDERCOVER PowerISO -> PowerISO RealAlt_is1 -> Real Alternative 1.9.0 RealPlayer 6.0 -> RealPlayer RUNAWAY: A TWIST OF FATE (pl) -> Runaway: Przewrotny Los (Polish) uTorrent -> µTorrent WinRAR archiver -> Archiwizator WinRAR < Uninstall List [HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\] > -> HKEY_USERS\S-1-5-21-3958584857-357473059-3986282115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> uTorrent -> µTorrent < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 2011-01-19 12:10:51 Computer Name = Intel-Komputer | Source = Wudf01000 | ID = 921877 -> Description = Application [ Error ] 2011-01-19 12:10:54 Computer Name = Intel-Komputer | Source = NtServicePack | ID = 921877 -> Description = Application [ Error ] 2011-01-19 13:09:43 Computer Name = Intel-Komputer | Source = Application Hang | ID = 1002 -> Description = Program nfs.exe w wersji 1.0.0.1 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 8b0 Godzina rozpoczęcia: 01cbb7fb72296314 Godzina zakończenia: 78 Ścieżka aplikacji: C:\Program Files\NEED FOR SPEED UNDERCOVER\nfs.exe Identyfikator raportu: Application [ Error ] 2011-01-19 13:09:44 Computer Name = Intel-Komputer | Source = Application Hang | ID = 1002 -> Description = Program RGSC.exe w wersji 1.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: d10 Godzina rozpoczęcia: 01cbb7f4bfed2a0d Godzina zakończenia: 32 Ścieżka aplikacji: C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0\RGSC.exe Identyfikator raportu: Application [ Error ] 2011-01-20 08:15:59 Computer Name = Intel-Komputer | Source = Application Error | ID = 1000 -> Description = Nazwa aplikacji powodującej błąd: Post Mortem.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x3e665bd8 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0100a800 Identyfikator procesu powodującego błąd: 0xd5c Godzina uruchomienia aplikacji powodującej błąd: 0x01cbb89bb8769e1f Ścieżka aplikacji powodującej błąd: D:\Program Files\Microids\Post Mortem\Post Mortem.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 0a1800e6-248f-11e0-967a-001d7da1aa1c Application [ Error ] 2011-01-20 08:30:54 Computer Name = Intel-Komputer | Source = Application Error | ID = 1000 -> Description = Nazwa aplikacji powodującej błąd: Post Mortem.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x3e665bd8 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0100a800 Identyfikator procesu powodującego błąd: 0xc0c Godzina uruchomienia aplikacji powodującej błąd: 0x01cbb89bd568b59f Ścieżka aplikacji powodującej błąd: D:\Program Files\Microids\Post Mortem\Post Mortem.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 1f41be6e-2491-11e0-967a-001d7da1aa1c Application [ Error ] 2011-01-20 09:30:10 Computer Name = Intel-Komputer | Source = Application Error | ID = 1000 -> Description = Nazwa aplikacji powodującej błąd: firefox.exe, wersja: 1.9.2.3989, sygnatura czasowa: 0x4cf9293f Nazwa modułu powodującego błąd: ole32.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bdac7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0002f2bf Identyfikator procesu powodującego błąd: 0xe74 Godzina uruchomienia aplikacji powodującej błąd: 0x01cbb891a342bb2b Ścieżka aplikacji powodującej błąd: C:\Program Files\Mozilla Firefox\firefox.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\ole32.dll Identyfikator raportu: 66f69ca8-2499-11e0-967a-001d7da1aa1c Application [ Error ] 2011-02-07 14:56:25 Computer Name = Intel-Komputer | Source = Application Hang | ID = 1002 -> Description = Program RGSC.exe w wersji 1.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: e74 Godzina rozpoczęcia: 01cbc6ef436f398f Godzina zakończenia: 118 Ścieżka aplikacji: C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0\RGSC.exe Identyfikator raportu: Application [ Error ] 2011-02-14 15:13:46 Computer Name = Intel-Komputer | Source = Application Hang | ID = 1002 -> Description = Program RGSC.exe w wersji 1.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 840 Godzina rozpoczęcia: 01cbcc71e52328f2 Godzina zakończenia: 27 Ścieżka aplikacji: C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0\RGSC.exe Identyfikator raportu: Application [ Error ] 2011-02-16 05:30:31 Computer Name = Intel-Komputer | Source = Application Hang | ID = 1002 -> Description = Program BESTplayer.exe w wersji 2.1.0.263 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: fe0 Godzina rozpoczęcia: 01cbcdbbcb50c6d8 Godzina zakończenia: 27 Ścieżka aplikacji: C:\Users\Intel\Desktop\BESTplayer.exe Identyfikator raportu: System [ Error ] 2011-02-20 03:15:25 Computer Name = Intel-Komputer | Source = Microsoft Antimalware | ID = 3002 -> Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%886 Kod błędu: 0x8007042c Opis błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Przyczyna: %%892 System [ Error ] 2011-02-20 05:32:52 Computer Name = Intel-Komputer | Source = Microsoft Antimalware | ID = 3002 -> Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%886 Kod błędu: 0x8007042c Opis błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Przyczyna: %%892 System [ Error ] 2011-02-20 12:16:13 Computer Name = Intel-Komputer | Source = Microsoft Antimalware | ID = 3002 -> Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%886 Kod błędu: 0x8007042c Opis błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Przyczyna: %%892 System [ Error ] 2011-02-20 23:54:46 Computer Name = Intel-Komputer | Source = Microsoft Antimalware | ID = 3002 -> Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%886 Kod błędu: 0x8007042c Opis błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Przyczyna: %%892 System [ Error ] 2011-02-21 00:45:01 Computer Name = Intel-Komputer | Source = Microsoft Antimalware | ID = 3002 -> Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%886 Kod błędu: 0x8007042c Opis błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Przyczyna: %%892 System [ Error ] 2011-02-21 10:01:40 Computer Name = Intel-Komputer | Source = Microsoft Antimalware | ID = 3002 -> Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%886 Kod błędu: 0x8007042c Opis błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Przyczyna: %%892 System [ Error ] 2011-02-21 10:12:38 Computer Name = Intel-Komputer | Source = Microsoft Antimalware | ID = 3002 -> Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%886 Kod błędu: 0x8007042c Opis błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Przyczyna: %%892 System [ Error ] 2011-02-21 13:40:54 Computer Name = Intel-Komputer | Source = Service Control Manager | ID = 7031 -> Description = Usługa Microsoft Antimalware Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 15000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. System [ Error ] 2011-02-21 13:41:15 Computer Name = Intel-Komputer | Source = Microsoft Antimalware | ID = 3002 -> Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%886 Kod błędu: 0x8007042c Opis błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Przyczyna: %%892 System [ Error ] 2011-02-21 13:42:15 Computer Name = Intel-Komputer | Source = Microsoft Antimalware | ID = 3002 -> Description = Funkcja ochrony w czasie rzeczywistym programu %%860 napotkała błąd i nie można było jej wykonać. Funkcja: %%886 Kod błędu: 0x8007042c Opis błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Przyczyna: %%892 [Files/Folders - Created Within 30 Days] _OTS -> C:\_OTS -> [2011-02-21 18:40:54 | 000,000,000 | ---D | C] Malwarebytes -> C:\Users\Intel\AppData\Roaming\Malwarebytes -> [2011-02-21 05:39:10 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2011-02-21 05:39:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> C:\ProgramData\Malwarebytes -> [2011-02-21 05:39:01 | 000,000,000 | ---D | C] mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2011-02-21 05:38:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2011-02-21 05:38:58 | 000,000,000 | ---D | C] Mozilla Firefox -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox -> [2011-02-19 23:48:29 | 000,000,000 | ---D | C] Java -> C:\Program Files\Common Files\Java -> [2011-02-16 20:50:50 | 000,000,000 | ---D | C] javaws.exe -> C:\Windows\System32\javaws.exe -> [2011-02-16 20:50:38 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) javaw.exe -> C:\Windows\System32\javaw.exe -> [2011-02-16 20:50:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) java.exe -> C:\Windows\System32\java.exe -> [2011-02-16 20:50:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) ivo -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ivo -> [2011-01-31 12:03:13 | 000,000,000 | ---D | C] Expressivo Podcasts -> C:\Users\Intel\Documents\Expressivo Podcasts -> [2011-01-31 12:03:08 | 000,000,000 | R--D | C] Expressivo Documents -> C:\Users\Intel\Documents\Expressivo Documents -> [2011-01-31 12:03:08 | 000,000,000 | R--D | C] ivo -> C:\Program Files\ivo -> [2011-01-31 12:03:08 | 000,000,000 | ---D | C] Expressivo -> C:\Users\Intel\AppData\Roaming\Expressivo -> [2011-01-31 12:03:08 | 000,000,000 | ---D | C] IVONA -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA -> [2011-01-31 12:00:12 | 000,000,000 | ---D | C] IVONA -> C:\Program Files\IVONA -> [2011-01-31 12:00:12 | 000,000,000 | ---D | C] IVONA_INST -> C:\Users\Intel\AppData\Local\IVONA_INST -> [2011-01-31 11:50:05 | 000,000,000 | ---D | C] 2011-01-28 -> C:\Users\Intel\Desktop\2011-01-28 -> [2011-01-28 10:06:28 | 000,000,000 | ---D | C] Pendulo Studios -> C:\ProgramData\Pendulo Studios -> [2011-01-24 11:02:22 | 000,000,000 | ---D | C] Pendulo Studios -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pendulo Studios -> [2011-01-24 10:35:07 | 000,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] perfh015.dat -> C:\Windows\System32\perfh015.dat -> [2011-02-21 18:46:21 | 000,692,906 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011-02-21 18:46:21 | 000,611,996 | ---- | M] () perfc015.dat -> C:\Windows\System32\perfc015.dat -> [2011-02-21 18:46:21 | 000,133,432 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011-02-21 18:46:21 | 000,105,214 | ---- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2011-02-21 18:42:04 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011-02-21 18:42:00 | 2414,731,264 | -HS- | M] () forum.doc -> C:\Users\Intel\Desktop\forum.doc -> [2011-02-21 18:20:58 | 000,024,064 | ---- | M] () intlname.ols -> C:\Users\Intel\intlname.ols -> [2011-02-21 17:43:53 | 000,000,364 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011-02-21 15:08:37 | 000,014,016 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011-02-21 15:08:37 | 000,014,016 | -H-- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2011-02-21 05:39:02 | 000,001,067 | ---- | M] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011-02-19 23:48:29 | 000,001,885 | ---- | M] () Adobe Reader X.lnk -> C:\Users\Public\Desktop\Adobe Reader X.lnk -> [2011-02-12 22:15:54 | 000,001,989 | ---- | M] () javaws.exe -> C:\Windows\System32\javaws.exe -> [2011-02-02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) javaw.exe -> C:\Windows\System32\javaw.exe -> [2011-02-02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) java.exe -> C:\Windows\System32\java.exe -> [2011-02-02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) deployJava1.dll -> C:\Windows\System32\deployJava1.dll -> [2011-02-02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) Uruchom grę.lnk -> C:\Users\Intel\Desktop\Uruchom grę.lnk -> [2011-01-25 09:03:03 | 000,000,897 | ---- | M] () GrayMatter — skrót.lnk -> C:\Users\Intel\Desktop\GrayMatter — skrót.lnk -> [2011-01-24 10:59:13 | 000,000,508 | ---- | M] () [Files - No Company Name] forum.doc -> C:\Users\Intel\Desktop\forum.doc -> [2011-02-21 17:45:00 | 000,024,064 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2011-02-21 05:39:02 | 000,001,067 | ---- | C] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011-02-19 23:48:29 | 000,001,885 | ---- | C] () Uruchom grę.lnk -> C:\Users\Intel\Desktop\Uruchom grę.lnk -> [2011-01-25 09:03:03 | 000,000,897 | ---- | C] () GrayMatter — skrót.lnk -> C:\Users\Intel\Desktop\GrayMatter — skrót.lnk -> [2011-01-24 10:59:13 | 000,000,508 | ---- | C] () cdplayer.ini -> C:\Windows\cdplayer.ini -> [2011-01-20 07:39:04 | 000,000,025 | ---- | C] () PnkBstrK.sys -> C:\Windows\System32\drivers\PnkBstrK.sys -> [2011-01-19 17:49:39 | 000,138,184 | ---- | C] () sptd.sys -> C:\Windows\System32\drivers\sptd.sys -> [2011-01-19 16:46:13 | 000,691,696 | ---- | C] () ODBC.INI -> C:\Windows\ODBC.INI -> [2011-01-19 16:21:39 | 000,000,412 | ---- | C] () hpotscl1.dll -> C:\Windows\System32\hpotscl1.dll -> [2009-07-14 01:55:09 | 000,587,776 | ---- | C] () BthpanContextHandler.dll -> C:\Windows\System32\BthpanContextHandler.dll -> [2009-07-14 00:51:43 | 000,073,728 | ---- | C] () BWContextHandler.dll -> C:\Windows\System32\BWContextHandler.dll -> [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () xlive.dll.cat -> C:\Windows\System32\xlive.dll.cat -> [2008-10-22 05:29:06 | 000,173,550 | ---- | C] () OUTLPERF.INI -> C:\Windows\System32\OUTLPERF.INI -> [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () [File - Lop Check] SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009-07-14 05:53:46 | 000,022,820 | ---- | M] () [File - Purity Scan] < End of report > [/code]