Samoczynne ubywanie miejsca na dysku c (win7)

[Shlen]

Po wykonaniu powyższych polecen zmienilo sie tylko to ze nie pokazuje brak bootmgr tylko:

"bootmgr is missing"

.

[kominekl]

bootmgr is missing

Wykonaj ponownie powyższe porady. Jeśli nie da rady to napisz - osobiście napiszę ci jakich poleceń użyć.

[Shlen]

Wykonałem ponownie i jest to samo :

BOOTMGR is missing

[kominekl]

To samo :

BOOTMGR is missing

Ech. Wejdź do Konsoli Odzyskiwania (modułu Wiersz Polecenia) i wprowadź tam następujące polecenia (przy zapytaniach dajesz Y(Yes).:

FIXBOOT
FIXMBR
BOOTCFG /REBUILD
CHKDSK /R

[Shlen]

Jak włączam wiersz poleceń to mam już to :

X:\Sources>

Wprowadziłem pierwsze polecenie:

X:\Sources>FIXBOOT

-------> ta nazwa nie jest rozpoznawalna jako polecenie wen lub zewn, program wykonywalny lub plik wsadowy.
Przy 2 poleceniu to samo
Przy 3 pisze ----->Bład:nieprawidłowa składnia
Przy 4 pisze------>Nie można zablokować bieżącego dysku
System nie może uruchomić sprawdzania dysku na tym woluminie ponieważ jest on zabezpieczony przed zapisem.

[kominekl]

Jak włączam wiersz poleceń to mam już to :

X:\Sources>

Wprowadziłem pierwsze polecenie:

X:\Sources>FIXBOOT

-------> ta nazwa nie jest rozpoznawalna jako polecenie wen lub zewn, program wykonywalny lub plik wsadowy.
Przy 2 poleceniu to samo
Przy 3 pisze ----->Bład:nieprawidłowa składnia
Przy 4 pisze------>Nie można zablokować bieżącego dysku
System nie może uruchomić sprawdzania dysku na tym woluminie ponieważ jest on zabezpieczony przed zapisem.

Coś jest nie tak z tą płytką. nie spełnia swojej roli (ech te paczkowane systemy). Dostępne tylko dla zarejestrowanych użytkowników.

PS: Czy ktoś w okolicy nie ma może takiej płytki?

[Shlen]

Coś jest nie tak z tą płytką. nie spełnia swojej roli (ech te paczkowane systemy). Użyj tego.

Ja siedze na Viscie teraz wiec nie dam rady zrobić , czekaj może nagram nowa plytke z winem co mi wczesniej wysyłałeś bo nie mam nikogo w okolicy z inna płytka.

[kominekl]

Coś jest nie tak z tą płytką. nie spełnia swojej roli (ech te paczkowane systemy). Użyj tego.

Ja siedze na Viscie teraz wiec nie dam rady zrobić , czekaj może nagram nowa plytke z winem co mi wczesniej wysyłałeś bo nie mam nikogo w okolicy z inna płytka.

Przydałaby się, jakaś normalna wersja. Najlepiej oryginalna, a chociaż obraz płyty, ale oryginału, bez modów.

PS: Dostępne tylko dla zarejestrowanych użytkowników.

[Shlen]

Udało się !
Włożyłem jeszcze raz tą samą płytkę i wpisałem polecenia i zaskoczyło ufff
Wklejam to co mi wrzucił OLT po tym skrypcie od Ciebie.
A no i dalej mam ComboFixa na pulpicie.
Czekam na dalsze instrukcje

Kod: Zaznacz cały

All processes killed
========== OTL ==========
Service VGPU stopped successfully!
Service VGPU deleted successfully!
File System32\drivers\rdvgkmd.sys not found.
Service tsusbhub stopped successfully!
Service tsusbhub deleted successfully!
File system32\drivers\tsusbhub.sys not found.
Service Synth3dVsc stopped successfully!
Service Synth3dVsc deleted successfully!
File System32\drivers\synth3dvsc.sys not found.
Service hwdatacard stopped successfully!
Service hwdatacard deleted successfully!
File system32\DRIVERS\ewusbmdm.sys not found.
Service huawei_enumerator stopped successfully!
Service huawei_enumerator deleted successfully!
File system32\DRIVERS\ew_jubusenum.sys not found.
Service ewusbmbb stopped successfully!
Service ewusbmbb deleted successfully!
File system32\DRIVERS\ewusbwwan.sys not found.
Service ew_hwusbdev stopped successfully!
Service ew_hwusbdev deleted successfully!
File system32\DRIVERS\ew_hwusbdev.sys not found.
Service eamonm stopped successfully!
Service eamonm deleted successfully!
File system32\DRIVERS\eamonm.sys not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\Users\domowy\AppData\Local\Temp\catchme.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-744159667-1628034061-4057805603-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B2CECB0A-E092-4D46-AD93-8EBC83A284AE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2CECB0A-E092-4D46-AD93-8EBC83A284AE}\ not found.
Registry key HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB289211-1995-4DC4-ACAB-B74529133528}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB289211-1995-4DC4-ACAB-B74529133528}\ not found.
Registry key HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E676D617-8FA4-467F-8207-6FA39476E901}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E676D617-8FA4-467F-8207-6FA39476E901}\ not found.
Registry key HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0\ not found.
File C:\Users\domowy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll not found.
C:\Users\domowy\AppData\Roaming\mozilla\Firefox\Profiles\u9p6bgfz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults folder moved successfully.
C:\Users\domowy\AppData\Roaming\mozilla\Firefox\Profiles\u9p6bgfz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} folder moved successfully.
Folder C:\Users\domowy\AppData\Roaming\mozilla\Firefox\Profiles\u9p6bgfz.default\extensions\plugin@yontoo.com\ not found.
C:\Users\domowy\AppData\Roaming\mozilla\Firefox\Profiles\u9p6bgfz.default\extensions\vshare@toolbar folder moved successfully.
File move failed. \searchplugins\babylon.xml scheduled to be moved on reboot.
C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com folder moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\SpeedUp_igeared.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Search the Web\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Users\domowy\10UninstallUtility.exe moved successfully.
D:\!domowy komputer\Pulpit\SpaceSniffer.exe moved successfully.
Folder move failed. C:\Windows\temp\_avast_ scheduled to be moved on reboot.
Folder move failed. C:\Windows\temp scheduled to be moved on reboot.
Folder C:\Qoobox\ not found.
C:\Windows\erdnt\Hiv-backup\Users\00000006 folder moved successfully.
C:\Windows\erdnt\Hiv-backup\Users\00000005 folder moved successfully.
C:\Windows\erdnt\Hiv-backup\Users\00000004 folder moved successfully.
C:\Windows\erdnt\Hiv-backup\Users\00000003 folder moved successfully.
C:\Windows\erdnt\Hiv-backup\Users\00000002 folder moved successfully.
C:\Windows\erdnt\Hiv-backup\Users\00000001 folder moved successfully.
C:\Windows\erdnt\Hiv-backup\Users folder moved successfully.
C:\Windows\erdnt\Hiv-backup folder moved successfully.
C:\Windows\erdnt\cache folder moved successfully.
C:\Windows\erdnt folder moved successfully.
C:\Users\domowy\AppData\Local\setup.exe moved successfully.
========== FILES ==========
C:\Program Files\Google\Update\Offline\{CF588A1A-C517-4CBB-B3EC-F4788561B551} folder moved successfully.
C:\Program Files\Google\Update\Offline folder moved successfully.
C:\Program Files\Google\Update\Install folder moved successfully.
C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96} folder moved successfully.
C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\25.0.1364.172 folder moved successfully.
C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D} folder moved successfully.
C:\Program Files\Google\Update\Download folder moved successfully.
C:\Program Files\Google\Update\1.3.21.135 folder moved successfully.
C:\Program Files\Google\Update folder moved successfully.
Folder move failed. C:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001\$R0DFSAM\domowy\DefaultBox\user scheduled to be moved on reboot.
Folder move failed. C:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001\$R0DFSAM\domowy\DefaultBox\drive scheduled to be moved on reboot.
C:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001\$R0DFSAM\domowy\DefaultBox folder moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001\$R0DFSAM\domowy folder moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001\$R0DFSAM folder moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001 folder moved successfully.
C:\$RECYCLE.BIN folder moved successfully.
D:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001 folder moved successfully.
D:\$RECYCLE.BIN folder moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
File move failed. C:\Windows\tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
C:\Users\domowy\AppData\Local\TempAS1048.html moved successfully.
C:\Users\domowy\AppData\Local\Tempfy1644.html moved successfully.
C:\Users\domowy\AppData\Local\TempLg1048.html moved successfully.
C:\Users\domowy\AppData\Local\TempLIf496.html moved successfully.
C:\Users\domowy\AppData\Local\TempOA3664.html moved successfully.
C:\Users\domowy\AppData\Local\TempOd3764.html moved successfully.
C:\Users\domowy\AppData\Local\TempPra496.html moved successfully.
C:\Users\domowy\AppData\Local\Tempqo3796.html moved successfully.
C:\Users\domowy\AppData\Local\Tempzy3148.html moved successfully.
C:\Users\domowy\AppData\Roaming\Babylon folder moved successfully.
C:\Users\domowy\AppData\Roaming\ESET\ESET Smart Security folder moved successfully.
C:\Users\domowy\AppData\Roaming\ESET folder moved successfully.
C:\Users\domowy\AppData\Roaming\MyHeritage\Temp folder moved successfully.
C:\Users\domowy\AppData\Roaming\MyHeritage\Logs folder moved successfully.
C:\Users\domowy\AppData\Roaming\MyHeritage\Cfg folder moved successfully.
C:\Users\domowy\AppData\Roaming\MyHeritage folder moved successfully.
C:\Users\domowy\AppData\Roaming\Unity\WebPlayerPrefs\www_2everkeerstalent_2donline_2enl folder moved successfully.
C:\Users\domowy\AppData\Roaming\Unity\WebPlayerPrefs\www_2eminiclip_2ecom folder moved successfully.
C:\Users\domowy\AppData\Roaming\Unity\WebPlayerPrefs\contentmirror_2ewooglie_2ecom folder moved successfully.
C:\Users\domowy\AppData\Roaming\Unity\WebPlayerPrefs\chat_2ekongregate_2ecom folder moved successfully.
C:\Users\domowy\AppData\Roaming\Unity\WebPlayerPrefs folder moved successfully.
C:\Users\domowy\AppData\Roaming\Unity folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\ not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 57616 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: domowy
->Temp folder emptied: 268750 bytes
->Temporary Internet Files folder emptied: 13700779 bytes
->Java cache emptied: 2129636181 bytes
->Google Chrome cache emptied: 119957844 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 58143 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 2 159,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 03282013_213301

Files\Folders moved on Reboot...
File\Folder \searchplugins\babylon.xml not found!
Folder move failed. C:\Windows\temp\_avast_ scheduled to be moved on reboot.
Folder move failed. C:\Windows\temp\_avast_ scheduled to be moved on reboot.
Folder move failed. C:\Windows\temp scheduled to be moved on reboot.
File\Folder C:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001\$R0DFSAM\domowy\DefaultBox\user not found!
File\Folder C:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001\$R0DFSAM\domowy\DefaultBox\drive not found!
C:\Windows\tasks\SCHEDLGU.TXT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
   

[kominekl]

Włożyłem jeszcze raz tą samą płytkę i wpisałem polecenia i zaskoczyło ufff

Widocznie, tak, jak mówię, coś z tą płytką jest nie tak .

A no i dalej mam ComboFixa na pulpicie.

To jeszcze o niczym nie świadczy .

Następnie podaj log z ADWCleaner (z opcji Delete) + log z TDSSKiller + nowe logi z OTL.

Tego brakuje .

[Shlen]

Log z TDSSKiller

Kod: Zaznacz cały

17:56:12.0088 1936  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:56:12.0202 1936  ============================================================
17:56:12.0202 1936  Current date / time: 2013/03/30 17:56:12.0202
17:56:12.0202 1936  SystemInfo:
17:56:12.0202 1936 
17:56:12.0202 1936  OS Version: 6.1.7601 ServicePack: 1.0
17:56:12.0202 1936  Product type: Workstation
17:56:12.0202 1936  ComputerName: DOMOWY-KOMPUTER
17:56:12.0202 1936  UserName: domowy
17:56:12.0202 1936  Windows directory: C:\Windows
17:56:12.0202 1936  System windows directory: C:\Windows
17:56:12.0202 1936  Processor architecture: Intel x86
17:56:12.0202 1936  Number of processors: 2
17:56:12.0202 1936  Page size: 0x1000
17:56:12.0202 1936  Boot type: Normal boot
17:56:12.0202 1936  ============================================================
17:56:13.0228 1936  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x7E25, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
17:56:13.0231 1936  ============================================================
17:56:13.0231 1936  \Device\Harddisk0\DR0:
17:56:13.0232 1936  MBR partitions:
17:56:13.0232 1936  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:56:13.0232 1936  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x26DE800
17:56:13.0239 1936  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27116B5, BlocksNum 0x1AA930C4
17:56:13.0239 1936  ============================================================
17:56:13.0276 1936  C: <-> \Device\Harddisk0\DR0\Partition2
17:56:13.0320 1936  D: <-> \Device\Harddisk0\DR0\Partition3
17:56:13.0321 1936  ============================================================
17:56:13.0321 1936  Initialize success
17:56:13.0321 1936  ============================================================
17:56:23.0905 1260  ============================================================
17:56:23.0905 1260  Scan started
17:56:23.0906 1260  Mode: Manual;
17:56:23.0906 1260  ============================================================
17:56:24.0639 1260  ================ Scan system memory ========================
17:56:24.0639 1260  System memory - ok
17:56:24.0639 1260  ================ Scan services =============================
17:56:24.0781 1260  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:56:24.0784 1260  1394ohci - ok
17:56:24.0819 1260  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:56:24.0824 1260  ACPI - ok
17:56:24.0866 1260  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:56:24.0867 1260  AcpiPmi - ok
17:56:24.0975 1260  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:56:24.0978 1260  AdobeARMservice - ok
17:56:25.0056 1260  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:56:25.0061 1260  AdobeFlashPlayerUpdateSvc - ok
17:56:25.0103 1260  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:56:25.0117 1260  adp94xx - ok
17:56:25.0139 1260  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:56:25.0144 1260  adpahci - ok
17:56:25.0165 1260  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:56:25.0169 1260  adpu320 - ok
17:56:25.0193 1260  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:56:25.0195 1260  AeLookupSvc - ok
17:56:25.0239 1260  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
17:56:25.0245 1260  AFD - ok
17:56:25.0272 1260  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
17:56:25.0274 1260  agp440 - ok
17:56:25.0303 1260  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
17:56:25.0305 1260  aic78xx - ok
17:56:25.0353 1260  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
17:56:25.0355 1260  ALG - ok
17:56:25.0383 1260  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:56:25.0384 1260  aliide - ok
17:56:25.0399 1260  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:56:25.0401 1260  amdagp - ok
17:56:25.0417 1260  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:56:25.0419 1260  amdide - ok
17:56:25.0443 1260  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:56:25.0466 1260  AmdK8 - ok
17:56:25.0503 1260  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:56:25.0505 1260  AmdPPM - ok
17:56:25.0594 1260  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:56:25.0607 1260  amdsata - ok
17:56:25.0625 1260  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:56:25.0629 1260  amdsbs - ok
17:56:25.0647 1260  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:56:25.0648 1260  amdxata - ok
17:56:25.0682 1260  [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
17:56:25.0685 1260  androidusb - ok
17:56:25.0722 1260  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
17:56:25.0724 1260  AppID - ok
17:56:25.0763 1260  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:56:25.0765 1260  AppIDSvc - ok
17:56:25.0795 1260  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
17:56:25.0797 1260  Appinfo - ok
17:56:25.0836 1260  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:56:25.0841 1260  AppMgmt - ok
17:56:25.0868 1260  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:56:25.0870 1260  arc - ok
17:56:25.0888 1260  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:56:25.0891 1260  arcsas - ok
17:56:25.0927 1260  [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
17:56:25.0928 1260  aswFsBlk - ok
17:56:25.0984 1260  [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
17:56:25.0985 1260  aswMonFlt - ok
17:56:26.0024 1260  [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
17:56:26.0026 1260  aswRdr - ok
17:56:26.0070 1260  [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
17:56:26.0077 1260  aswSnx - ok
17:56:26.0115 1260  [ 67B558895695545FB0568B7541F3BCA7 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
17:56:26.0119 1260  aswSP - ok
17:56:26.0135 1260  [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
17:56:26.0136 1260  aswTdi - ok
17:56:26.0148 1260  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:56:26.0149 1260  AsyncMac - ok
17:56:26.0181 1260  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
17:56:26.0182 1260  atapi - ok
17:56:26.0225 1260  [ 547F07839F71A4357A5E503646CAC2B0 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
17:56:26.0226 1260  atksgt - ok
17:56:26.0327 1260  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:56:26.0337 1260  AudioEndpointBuilder - ok
17:56:26.0361 1260  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:56:26.0366 1260  Audiosrv - ok
17:56:26.0477 1260  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus D:\AVAST !\AvastSvc.exe
17:56:26.0478 1260  avast! Antivirus - ok
17:56:26.0502 1260  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:56:26.0506 1260  AxInstSV - ok
17:56:26.0542 1260  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
17:56:26.0550 1260  b06bdrv - ok
17:56:26.0580 1260  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:56:26.0584 1260  b57nd60x - ok
17:56:26.0620 1260  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:56:26.0623 1260  BDESVC - ok
17:56:26.0646 1260  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:56:26.0647 1260  Beep - ok
17:56:26.0696 1260  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
17:56:26.0711 1260  BFE - ok
17:56:26.0747 1260  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
17:56:26.0774 1260  BITS - ok
17:56:26.0791 1260  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:56:26.0793 1260  blbdrive - ok
17:56:26.0839 1260  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:56:26.0841 1260  bowser - ok
17:56:26.0855 1260  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:56:26.0857 1260  BrFiltLo - ok
17:56:26.0875 1260  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:56:26.0877 1260  BrFiltUp - ok
17:56:26.0920 1260  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:56:26.0922 1260  BridgeMP - ok
17:56:26.0951 1260  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
17:56:26.0954 1260  Browser - ok
17:56:26.0977 1260  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:56:26.0983 1260  Brserid - ok
17:56:27.0001 1260  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:56:27.0003 1260  BrSerWdm - ok
17:56:27.0016 1260  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:56:27.0017 1260  BrUsbMdm - ok
17:56:27.0028 1260  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:56:27.0029 1260  BrUsbSer - ok
17:56:27.0044 1260  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:56:27.0046 1260  BTHMODEM - ok
17:56:27.0088 1260  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
17:56:27.0091 1260  bthserv - ok
17:56:27.0103 1260  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:56:27.0105 1260  cdfs - ok
17:56:27.0150 1260  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:56:27.0153 1260  cdrom - ok
17:56:27.0191 1260  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:56:27.0195 1260  CertPropSvc - ok
17:56:27.0221 1260  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:56:27.0223 1260  circlass - ok
17:56:27.0244 1260  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
17:56:27.0249 1260  CLFS - ok
17:56:27.0310 1260  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:56:27.0314 1260  clr_optimization_v2.0.50727_32 - ok
17:56:27.0381 1260  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:56:27.0384 1260  clr_optimization_v4.0.30319_32 - ok
17:56:27.0399 1260  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:56:27.0401 1260  CmBatt - ok
17:56:27.0419 1260  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:56:27.0421 1260  cmdide - ok
17:56:27.0457 1260  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
17:56:27.0463 1260  CNG - ok
17:56:27.0487 1260  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:56:27.0489 1260  Compbatt - ok
17:56:27.0506 1260  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:56:27.0508 1260  CompositeBus - ok
17:56:27.0517 1260  COMSysApp - ok
17:56:27.0541 1260  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:56:27.0543 1260  crcdisk - ok
17:56:27.0594 1260  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:56:27.0598 1260  CryptSvc - ok
17:56:27.0637 1260  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
17:56:27.0644 1260  CSC - ok
17:56:27.0671 1260  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
17:56:27.0686 1260  CscService - ok
17:56:27.0728 1260  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:56:27.0746 1260  DcomLaunch - ok
17:56:27.0778 1260  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:56:27.0784 1260  defragsvc - ok
17:56:27.0823 1260  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:56:27.0826 1260  DfsC - ok
17:56:27.0862 1260  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:56:27.0869 1260  Dhcp - ok
17:56:27.0902 1260  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
17:56:27.0903 1260  discache - ok
17:56:27.0934 1260  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:56:27.0935 1260  Disk - ok
17:56:27.0970 1260  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:56:27.0975 1260  Dnscache - ok
17:56:28.0008 1260  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:56:28.0014 1260  dot3svc - ok
17:56:28.0064 1260  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
17:56:28.0069 1260  DPS - ok
17:56:28.0097 1260  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:56:28.0099 1260  drmkaud - ok
17:56:28.0143 1260  [ 555E54AC2F601A8821CEF58961653991 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:56:28.0146 1260  dtsoftbus01 - ok
17:56:28.0194 1260  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:56:28.0200 1260  DXGKrnl - ok
17:56:28.0226 1260  [ CF0A6015F437161698C5B2A0A12CF052 ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
17:56:28.0230 1260  e1express - ok
17:56:28.0263 1260  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
17:56:28.0267 1260  EapHost - ok
17:56:28.0368 1260  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
17:56:28.0454 1260  ebdrv - ok
17:56:28.0495 1260  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
17:56:28.0500 1260  EFS - ok
17:56:28.0569 1260  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:56:28.0583 1260  ehRecvr - ok
17:56:28.0612 1260  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
17:56:28.0615 1260  ehSched - ok
17:56:28.0640 1260  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:56:28.0655 1260  elxstor - ok
17:56:28.0681 1260  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:56:28.0683 1260  ErrDev - ok
17:56:28.0731 1260  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
17:56:28.0738 1260  EventSystem - ok
17:56:28.0761 1260  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
17:56:28.0764 1260  exfat - ok
17:56:28.0783 1260  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:56:28.0788 1260  fastfat - ok
17:56:28.0834 1260  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
17:56:28.0850 1260  Fax - ok
17:56:28.0884 1260  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:56:28.0886 1260  fdc - ok
17:56:28.0912 1260  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
17:56:28.0916 1260  fdPHost - ok
17:56:28.0935 1260  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
17:56:28.0940 1260  FDResPub - ok
17:56:28.0959 1260  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:56:28.0962 1260  FileInfo - ok
17:56:28.0974 1260  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:56:28.0976 1260  Filetrace - ok
17:56:28.0989 1260  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:56:28.0991 1260  flpydisk - ok
17:56:29.0014 1260  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:56:29.0017 1260  FltMgr - ok
17:56:29.0076 1260  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
17:56:29.0102 1260  FontCache - ok
17:56:29.0169 1260  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:56:29.0173 1260  FontCache3.0.0.0 - ok
17:56:29.0180 1260  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:56:29.0182 1260  FsDepends - ok
17:56:29.0211 1260  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:56:29.0212 1260  Fs_Rec - ok
17:56:29.0243 1260  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:56:29.0247 1260  fvevol - ok
17:56:29.0279 1260  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:56:29.0281 1260  gagp30kx - ok
17:56:29.0324 1260  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:56:29.0341 1260  gpsvc - ok
17:56:29.0367 1260  gupdate - ok
17:56:29.0372 1260  gupdatem - ok
17:56:29.0396 1260  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:56:29.0398 1260  hcw85cir - ok
17:56:29.0462 1260  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:56:29.0469 1260  HdAudAddService - ok
17:56:29.0485 1260  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:56:29.0487 1260  HDAudBus - ok
17:56:29.0502 1260  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:56:29.0504 1260  HidBatt - ok
17:56:29.0520 1260  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:56:29.0522 1260  HidBth - ok
17:56:29.0549 1260  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:56:29.0551 1260  HidIr - ok
17:56:29.0575 1260  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
17:56:29.0579 1260  hidserv - ok
17:56:29.0618 1260  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:56:29.0620 1260  HidUsb - ok
17:56:29.0649 1260  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:56:29.0655 1260  hkmsvc - ok
17:56:29.0685 1260  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:56:29.0693 1260  HomeGroupListener - ok
17:56:29.0710 1260  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:56:29.0719 1260  HomeGroupProvider - ok
17:56:29.0763 1260  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:56:29.0765 1260  HpSAMD - ok
17:56:29.0799 1260  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:56:29.0813 1260  HTTP - ok
17:56:29.0876 1260  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:56:29.0877 1260  hwpolicy - ok
17:56:29.0924 1260  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:56:29.0926 1260  i8042prt - ok
17:56:29.0960 1260  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:56:29.0966 1260  iaStorV - ok
17:56:30.0031 1260  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:56:30.0056 1260  idsvc - ok
17:56:30.0208 1260  [ 9467514EA189475A6E7FDC5D7BDE9D3F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
17:56:30.0325 1260  igfx - ok
17:56:30.0351 1260  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:56:30.0353 1260  iirsp - ok
17:56:30.0381 1260  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
17:56:30.0406 1260  IKEEXT - ok
17:56:30.0439 1260  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:56:30.0441 1260  intelide - ok
17:56:30.0461 1260  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:56:30.0463 1260  intelppm - ok
17:56:30.0487 1260  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:56:30.0492 1260  IPBusEnum - ok
17:56:30.0508 1260  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:56:30.0511 1260  IpFilterDriver - ok
17:56:30.0544 1260  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:56:30.0561 1260  iphlpsvc - ok
17:56:30.0589 1260  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:56:30.0591 1260  IPMIDRV - ok
17:56:30.0609 1260  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:56:30.0612 1260  IPNAT - ok
17:56:30.0633 1260  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:56:30.0635 1260  IRENUM - ok
17:56:30.0672 1260  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:56:30.0674 1260  isapnp - ok
17:56:30.0714 1260  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:56:30.0719 1260  iScsiPrt - ok
17:56:30.0746 1260  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:56:30.0748 1260  kbdclass - ok
17:56:30.0770 1260  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:56:30.0772 1260  kbdhid - ok
17:56:30.0785 1260  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
17:56:30.0790 1260  KeyIso - ok
17:56:30.0823 1260  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:56:30.0826 1260  KSecDD - ok
17:56:30.0839 1260  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:56:30.0842 1260  KSecPkg - ok
17:56:30.0870 1260  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:56:30.0887 1260  KtmRm - ok
17:56:30.0924 1260  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
17:56:30.0941 1260  LanmanServer - ok
17:56:30.0977 1260  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:56:30.0987 1260  LanmanWorkstation - ok
17:56:31.0046 1260  [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
17:56:31.0047 1260  lirsgt - ok
17:56:31.0092 1260  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:56:31.0095 1260  lltdio - ok
17:56:31.0124 1260  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:56:31.0133 1260  lltdsvc - ok
17:56:31.0149 1260  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:56:31.0154 1260  lmhosts - ok
17:56:31.0185 1260  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:56:31.0187 1260  LSI_FC - ok
17:56:31.0204 1260  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:56:31.0208 1260  LSI_SAS - ok
17:56:31.0223 1260  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:56:31.0225 1260  LSI_SAS2 - ok
17:56:31.0245 1260  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:56:31.0247 1260  LSI_SCSI - ok
17:56:31.0261 1260  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
17:56:31.0264 1260  luafv - ok
17:56:31.0298 1260  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:56:31.0304 1260  Mcx2Svc - ok
17:56:31.0319 1260  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:56:31.0320 1260  megasas - ok
17:56:31.0339 1260  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:56:31.0344 1260  MegaSR - ok
17:56:31.0395 1260  Microsoft SharePoint Workspace Audit Service - ok
17:56:31.0418 1260  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
17:56:31.0424 1260  MMCSS - ok
17:56:31.0442 1260  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
17:56:31.0444 1260  Modem - ok
17:56:31.0479 1260  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:56:31.0481 1260  monitor - ok
17:56:31.0515 1260  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
17:56:31.0516 1260  mouclass - ok
17:56:31.0543 1260  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:56:31.0545 1260  mouhid - ok
17:56:31.0581 1260  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:56:31.0583 1260  mountmgr - ok
17:56:31.0610 1260  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:56:31.0614 1260  mpio - ok
17:56:31.0627 1260  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:56:31.0629 1260  mpsdrv - ok
17:56:31.0669 1260  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:56:31.0696 1260  MpsSvc - ok
17:56:31.0727 1260  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:56:31.0730 1260  MRxDAV - ok
17:56:31.0771 1260  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:56:31.0774 1260  mrxsmb - ok
17:56:31.0824 1260  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:56:31.0827 1260  mrxsmb10 - ok
17:56:31.0839 1260  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:56:31.0841 1260  mrxsmb20 - ok
17:56:31.0858 1260  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
17:56:31.0860 1260  msahci - ok
17:56:31.0898 1260  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:56:31.0901 1260  msdsm - ok
17:56:31.0927 1260  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
17:56:31.0935 1260  MSDTC - ok
17:56:31.0979 1260  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:56:31.0981 1260  Msfs - ok
17:56:31.0996 1260  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:56:31.0997 1260  mshidkmdf - ok
17:56:32.0027 1260  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:56:32.0028 1260  msisadrv - ok
17:56:32.0063 1260  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:56:32.0069 1260  MSiSCSI - ok
17:56:32.0076 1260  msiserver - ok
17:56:32.0103 1260  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:56:32.0105 1260  MSKSSRV - ok
17:56:32.0122 1260  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:56:32.0123 1260  MSPCLOCK - ok
17:56:32.0139 1260  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:56:32.0140 1260  MSPQM - ok
17:56:32.0160 1260  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:56:32.0164 1260  MsRPC - ok
17:56:32.0186 1260  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:56:32.0188 1260  mssmbios - ok
17:56:32.0195 1260  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:56:32.0196 1260  MSTEE - ok
17:56:32.0216 1260  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:56:32.0218 1260  MTConfig - ok
17:56:32.0231 1260  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:56:32.0233 1260  Mup - ok
17:56:32.0272 1260  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
17:56:32.0289 1260  napagent - ok
17:56:32.0321 1260  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:56:32.0326 1260  NativeWifiP - ok
17:56:32.0373 1260  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:56:32.0389 1260  NDIS - ok
17:56:32.0412 1260  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:56:32.0414 1260  NdisCap - ok
17:56:32.0435 1260  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:56:32.0438 1260  NdisTapi - ok
17:56:32.0479 1260  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:56:32.0482 1260  Ndisuio - ok
17:56:32.0519 1260  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:56:32.0522 1260  NdisWan - ok
17:56:32.0536 1260  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:56:32.0538 1260  NDProxy - ok
17:56:32.0554 1260  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:56:32.0556 1260  NetBIOS - ok
17:56:32.0576 1260  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:56:32.0580 1260  NetBT - ok
17:56:32.0594 1260  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
17:56:32.0599 1260  Netlogon - ok
17:56:32.0642 1260  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
17:56:32.0658 1260  Netman - ok
17:56:32.0698 1260  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
17:56:32.0715 1260  netprofm - ok
17:56:32.0742 1260  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:56:32.0746 1260  NetTcpPortSharing - ok
17:56:32.0775 1260  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:56:32.0777 1260  nfrd960 - ok
17:56:32.0817 1260  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:56:32.0827 1260  NlaSvc - ok
17:56:32.0906 1260  [ B0A67DE1A128389AEA4D42C5A56215FD ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
17:56:32.0908 1260  nmwcd - ok
17:56:32.0947 1260  [ 7312987B6CCDE6F6CEE32C14BED1CA2E ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
17:56:32.0948 1260  nmwcdc - ok
17:56:32.0969 1260  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:56:32.0972 1260  Npfs - ok
17:56:32.0998 1260  npggsvc - ok
17:56:33.0028 1260  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
17:56:33.0034 1260  nsi - ok
17:56:33.0042 1260  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:56:33.0045 1260  nsiproxy - ok
17:56:33.0102 1260  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:56:33.0136 1260  Ntfs - ok
17:56:33.0153 1260  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
17:56:33.0155 1260  Null - ok
17:56:33.0407 1260  [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:56:33.0498 1260  nvlddmkm - ok
17:56:33.0542 1260  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:56:33.0545 1260  nvraid - ok
17:56:33.0577 1260  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:56:33.0581 1260  nvstor - ok
17:56:33.0644 1260  [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:56:33.0670 1260  nvsvc - ok
17:56:33.0758 1260  [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:56:33.0769 1260  nvUpdatusService - ok
17:56:33.0807 1260  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:56:33.0810 1260  nv_agp - ok
17:56:33.0846 1260  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:56:33.0849 1260  ohci1394 - ok
17:56:33.0905 1260  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:56:33.0909 1260  ose - ok
17:56:34.0084 1260  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:56:34.0197 1260  osppsvc - ok
17:56:34.0240 1260  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:56:34.0257 1260  p2pimsvc - ok
17:56:34.0291 1260  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:56:34.0308 1260  p2psvc - ok
17:56:34.0337 1260  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:56:34.0340 1260  Parport - ok
17:56:34.0375 1260  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:56:34.0377 1260  partmgr - ok
17:56:34.0389 1260  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
17:56:34.0392 1260  Parvdm - ok
17:56:34.0413 1260  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:56:34.0421 1260  PcaSvc - ok
17:56:34.0442 1260  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
17:56:34.0445 1260  pci - ok
17:56:34.0482 1260  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
17:56:34.0483 1260  pciide - ok
17:56:34.0506 1260  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:56:34.0510 1260  pcmcia - ok
17:56:34.0531 1260  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
17:56:34.0533 1260  pcw - ok
17:56:34.0570 1260  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:56:34.0576 1260  PEAUTH - ok
17:56:34.0616 1260  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:56:34.0649 1260  PeerDistSvc - ok
17:56:34.0739 1260  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
17:56:34.0783 1260  pla - ok
17:56:34.0825 1260  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:56:34.0842 1260  PlugPlay - ok
17:56:34.0854 1260  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:56:34.0861 1260  PNRPAutoReg - ok
17:56:34.0879 1260  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:56:34.0887 1260  PNRPsvc - ok
17:56:34.0932 1260  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:56:34.0949 1260  PolicyAgent - ok
17:56:34.0988 1260  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
17:56:34.0997 1260  Power - ok
17:56:35.0043 1260  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:56:35.0046 1260  PptpMiniport - ok
17:56:35.0069 1260  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:56:35.0071 1260  Processor - ok
17:56:35.0114 1260  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
17:56:35.0131 1260  ProfSvc - ok
17:56:35.0143 1260  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:56:35.0149 1260  ProtectedStorage - ok
17:56:35.0173 1260  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:56:35.0176 1260  Psched - ok
17:56:35.0221 1260  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:56:35.0256 1260  ql2300 - ok
17:56:35.0279 1260  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:56:35.0282 1260  ql40xx - ok
17:56:35.0317 1260  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
17:56:35.0334 1260  QWAVE - ok
17:56:35.0344 1260  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:56:35.0346 1260  QWAVEdrv - ok
17:56:35.0362 1260  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:56:35.0364 1260  RasAcd - ok
17:56:35.0399 1260  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:56:35.0401 1260  RasAgileVpn - ok
17:56:35.0431 1260  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
17:56:35.0440 1260  RasAuto - ok
17:56:35.0454 1260  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:56:35.0457 1260  Rasl2tp - ok
17:56:35.0506 1260  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
17:56:35.0523 1260  RasMan - ok
17:56:35.0534 1260  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:56:35.0537 1260  RasPppoe - ok
17:56:35.0563 1260  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:56:35.0566 1260  RasSstp - ok
17:56:35.0607 1260  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:56:35.0612 1260  rdbss - ok
17:56:35.0626 1260  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:56:35.0628 1260  rdpbus - ok
17:56:35.0660 1260  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:56:35.0662 1260  RDPCDD - ok
17:56:35.0693 1260  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:56:35.0697 1260  RDPDR - ok
17:56:35.0709 1260  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:56:35.0711 1260  RDPENCDD - ok
17:56:35.0736 1260  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:56:35.0738 1260  RDPREFMP - ok
17:56:35.0775 1260  [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:56:35.0778 1260  RdpVideoMiniport - ok
17:56:35.0795 1260  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:56:35.0800 1260  RDPWD - ok
17:56:35.0828 1260  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:56:35.0832 1260  rdyboost - ok
17:56:35.0865 1260  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:56:35.0871 1260  RemoteAccess - ok
17:56:35.0905 1260  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:56:35.0914 1260  RemoteRegistry - ok
17:56:35.0955 1260  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:56:35.0964 1260  RpcEptMapper - ok
17:56:36.0012 1260  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
17:56:36.0016 1260  RpcLocator - ok
17:56:36.0035 1260  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
17:56:36.0045 1260  RpcSs - ok
17:56:36.0079 1260  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:56:36.0081 1260  rspndr - ok
17:56:36.0109 1260  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:56:36.0110 1260  s3cap - ok
17:56:36.0130 1260  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
17:56:36.0135 1260  SamSs - ok
17:56:36.0156 1260  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:56:36.0159 1260  sbp2port - ok
17:56:36.0191 1260  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:56:36.0208 1260  SCardSvr - ok
17:56:36.0240 1260  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:56:36.0242 1260  scfilter - ok
17:56:36.0292 1260  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
17:56:36.0318 1260  Schedule - ok
17:56:36.0336 1260  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:56:36.0338 1260  SCPolicySvc - ok
17:56:36.0370 1260  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:56:36.0378 1260  SDRSVC - ok
17:56:36.0419 1260  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:56:36.0421 1260  secdrv - ok
17:56:36.0430 1260  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
17:56:36.0438 1260  seclogon - ok
17:56:36.0479 1260  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
17:56:36.0486 1260  SENS - ok
17:56:36.0498 1260  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:56:36.0506 1260  SensrSvc - ok
17:56:36.0535 1260  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:56:36.0537 1260  Serenum - ok
17:56:36.0549 1260  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:56:36.0552 1260  Serial - ok
17:56:36.0565 1260  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:56:36.0567 1260  sermouse - ok
17:56:36.0618 1260  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:56:36.0627 1260  SessionEnv - ok
17:56:36.0656 1260  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:56:36.0657 1260  sffdisk - ok
17:56:36.0669 1260  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:56:36.0671 1260  sffp_mmc - ok
17:56:36.0688 1260  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:56:36.0691 1260  sffp_sd - ok
17:56:36.0701 1260  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:56:36.0704 1260  sfloppy - ok
17:56:36.0734 1260  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:56:36.0743 1260  SharedAccess - ok
17:56:36.0775 1260  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:56:36.0792 1260  ShellHWDetection - ok
17:56:36.0812 1260  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:56:36.0816 1260  sisagp - ok
17:56:36.0850 1260  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:56:36.0852 1260  SiSRaid2 - ok
17:56:36.0870 1260  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:56:36.0873 1260  SiSRaid4 - ok
17:56:36.0897 1260  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:56:36.0899 1260  Smb - ok
17:56:36.0945 1260  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:56:36.0953 1260  SNMPTRAP - ok
17:56:36.0968 1260  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:56:36.0970 1260  spldr - ok
17:56:37.0010 1260  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
17:56:37.0028 1260  Spooler - ok
17:56:37.0127 1260  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
17:56:37.0223 1260  sppsvc - ok
17:56:37.0252 1260  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:56:37.0260 1260  sppuinotify - ok
17:56:37.0299 1260  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:56:37.0306 1260  srv - ok
17:56:37.0327 1260  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:56:37.0333 1260  srv2 - ok
17:56:37.0354 1260  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:56:37.0357 1260  srvnet - ok
17:56:37.0396 1260  [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
17:56:37.0400 1260  ssadbus - ok
17:56:37.0428 1260  [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
17:56:37.0429 1260  ssadmdfl - ok
17:56:37.0442 1260  [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
17:56:37.0446 1260  ssadmdm - ok
17:56:37.0472 1260  [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
17:56:37.0476 1260  ssadserd - ok
17:56:37.0502 1260  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:56:37.0519 1260  SSDPSRV - ok
17:56:37.0535 1260  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:56:37.0545 1260  SstpSvc - ok
17:56:37.0611 1260  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:56:37.0616 1260  Stereo Service - ok
17:56:37.0634 1260  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:56:37.0637 1260  stexstor - ok
17:56:37.0678 1260  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
17:56:37.0705 1260  StiSvc - ok
17:56:37.0720 1260  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:56:37.0722 1260  storflt - ok
17:56:37.0758 1260  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:56:37.0760 1260  storvsc - ok
17:56:37.0785 1260  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:56:37.0786 1260  swenum - ok
17:56:37.0826 1260  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
17:56:37.0843 1260  swprv - ok
17:56:37.0900 1260  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
17:56:37.0952 1260  SysMain - ok
17:56:37.0985 1260  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:56:37.0994 1260  TabletInputService - ok
17:56:38.0029 1260  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:56:38.0046 1260  TapiSrv - ok
17:56:38.0065 1260  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
17:56:38.0073 1260  TBS - ok
17:56:38.0129 1260  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:56:38.0163 1260  Tcpip - ok
17:56:38.0208 1260  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:56:38.0220 1260  TCPIP6 - ok
17:56:38.0254 1260  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:56:38.0255 1260  tcpipreg - ok
17:56:38.0296 1260  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:56:38.0298 1260  TDPIPE - ok
17:56:38.0313 1260  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:56:38.0315 1260  TDTCP - ok
17:56:38.0342 1260  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:56:38.0345 1260  tdx - ok
17:56:38.0380 1260  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:56:38.0382 1260  TermDD - ok
17:56:38.0421 1260  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
17:56:38.0447 1260  TermService - ok
17:56:38.0469 1260  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
17:56:38.0477 1260  Themes - ok
17:56:38.0484 1260  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
17:56:38.0489 1260  THREADORDER - ok
17:56:38.0512 1260  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
17:56:38.0520 1260  TrkWks - ok
17:56:38.0563 1260  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:56:38.0567 1260  TrustedInstaller - ok
17:56:38.0600 1260  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:56:38.0602 1260  tssecsrv - ok
17:56:38.0638 1260  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:56:38.0641 1260  TsUsbFlt - ok
17:56:38.0669 1260  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:56:38.0673 1260  tunnel - ok
17:56:38.0695 1260  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:56:38.0697 1260  uagp35 - ok
17:56:38.0716 1260  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:56:38.0721 1260  udfs - ok
17:56:38.0765 1260  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:56:38.0774 1260  UI0Detect - ok
17:56:38.0798 1260  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:56:38.0800 1260  uliagpkx - ok
17:56:38.0828 1260  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
17:56:38.0831 1260  umbus - ok
17:56:38.0850 1260  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:56:38.0852 1260  UmPass - ok
17:56:38.0888 1260  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:56:38.0898 1260  UmRdpService - ok
17:56:38.0930 1260  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
17:56:38.0947 1260  upnphost - ok
17:56:38.0978 1260  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
17:56:38.0981 1260  usbccgp - ok
17:56:39.0014 1260  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:56:39.0017 1260  usbcir - ok
17:56:39.0037 1260  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:56:39.0039 1260  usbehci - ok
17:56:39.0065 1260  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:56:39.0071 1260  usbhub - ok
17:56:39.0110 1260  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:56:39.0112 1260  usbohci - ok
17:56:39.0139 1260  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:56:39.0141 1260  usbprint - ok
17:56:39.0166 1260  [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser          C:\Windows\system32\drivers\usbser.sys
17:56:39.0168 1260  usbser - ok
17:56:39.0188 1260  [ B76D8039F5B595C4CA551B3D5DD15A98 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
17:56:39.0190 1260  UsbserFilt - ok
17:56:39.0210 1260  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:56:39.0213 1260  USBSTOR - ok
17:56:39.0242 1260  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:56:39.0244 1260  usbuhci - ok
17:56:39.0275 1260  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
17:56:39.0283 1260  UxSms - ok
17:56:39.0291 1260  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
17:56:39.0297 1260  VaultSvc - ok
17:56:39.0321 1260  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:56:39.0323 1260  vdrvroot - ok
17:56:39.0363 1260  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
17:56:39.0389 1260  vds - ok
17:56:39.0415 1260  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:56:39.0417 1260  vga - ok
17:56:39.0436 1260  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:56:39.0438 1260  VgaSave - ok
17:56:39.0470 1260  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:56:39.0474 1260  vhdmp - ok
17:56:39.0506 1260  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:56:39.0508 1260  viaagp - ok
17:56:39.0526 1260  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
17:56:39.0529 1260  ViaC7 - ok
17:56:39.0545 1260  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
17:56:39.0547 1260  viaide - ok
17:56:39.0586 1260  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:56:39.0590 1260  vmbus - ok
17:56:39.0603 1260  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:56:39.0605 1260  VMBusHID - ok
17:56:39.0622 1260  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:56:39.0624 1260  volmgr - ok
17:56:39.0641 1260  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:56:39.0647 1260  volmgrx - ok
17:56:39.0667 1260  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:56:39.0672 1260  volsnap - ok
17:56:39.0699 1260  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:56:39.0703 1260  vsmraid - ok
17:56:39.0756 1260  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
17:56:39.0790 1260  VSS - ok
17:56:39.0810 1260  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:56:39.0812 1260  vwifibus - ok
17:56:39.0846 1260  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
17:56:39.0863 1260  W32Time - ok
17:56:39.0888 1260  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:56:39.0890 1260  WacomPen - ok
17:56:39.0927 1260  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:56:39.0930 1260  WANARP - ok
17:56:39.0936 1260  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:56:39.0938 1260  Wanarpv6 - ok
17:56:40.0017 1260  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:56:40.0052 1260  WatAdminSvc - ok
17:56:40.0107 1260  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
17:56:40.0150 1260  wbengine - ok
17:56:40.0169 1260  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:56:40.0186 1260  WbioSrvc - ok
17:56:40.0218 1260  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:56:40.0235 1260  wcncsvc - ok
17:56:40.0258 1260  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:56:40.0267 1260  WcsPlugInService - ok
17:56:40.0286 1260  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:56:40.0288 1260  Wd - ok
17:56:40.0342 1260  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:56:40.0357 1260  Wdf01000 - ok
17:56:40.0369 1260  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:56:40.0378 1260  WdiServiceHost - ok
17:56:40.0385 1260  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:56:40.0395 1260  WdiSystemHost - ok
17:56:40.0410 1260  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
17:56:40.0427 1260  WebClient - ok
17:56:40.0459 1260  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:56:40.0476 1260  Wecsvc - ok
17:56:40.0488 1260  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:56:40.0497 1260  wercplsupport - ok
17:56:40.0524 1260  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:56:40.0533 1260  WerSvc - ok
17:56:40.0562 1260  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:56:40.0564 1260  WfpLwf - ok
17:56:40.0590 1260  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:56:40.0592 1260  WIMMount - ok
17:56:40.0672 1260  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:56:40.0691 1260  WinDefend - ok
17:56:40.0700 1260  WinHttpAutoProxySvc - ok
17:56:40.0748 1260  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:56:40.0753 1260  Winmgmt - ok
17:56:40.0804 1260  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
17:56:40.0847 1260  WinRM - ok
17:56:40.0899 1260  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:56:40.0902 1260  WinUsb - ok
17:56:40.0948 1260  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:56:40.0999 1260  Wlansvc - ok
17:56:41.0034 1260  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:56:41.0036 1260  WmiAcpi - ok
17:56:41.0061 1260  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:56:41.0065 1260  wmiApSrv - ok
17:56:41.0152 1260  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:56:41.0177 1260  WMPNetworkSvc - ok
17:56:41.0203 1260  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:56:41.0212 1260  WPCSvc - ok
17:56:41.0226 1260  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:56:41.0236 1260  WPDBusEnum - ok
17:56:41.0253 1260  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:56:41.0255 1260  ws2ifsl - ok
17:56:41.0287 1260  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
17:56:41.0296 1260  wscsvc - ok
17:56:41.0304 1260  WSearch - ok
17:56:41.0383 1260  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
17:56:41.0435 1260  wuauserv - ok
17:56:41.0460 1260  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:56:41.0463 1260  WudfPf - ok
17:56:41.0496 1260  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:56:41.0501 1260  WUDFRd - ok
17:56:41.0530 1260  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:56:41.0540 1260  wudfsvc - ok
17:56:41.0564 1260  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:56:41.0581 1260  WwanSvc - ok
17:56:41.0596 1260  ================ Scan global ===============================
17:56:41.0628 1260  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:56:41.0655 1260  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:56:41.0678 1260  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:56:41.0700 1260  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:56:41.0724 1260  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:56:41.0735 1260  [Global] - ok
17:56:41.0736 1260  ================ Scan MBR ==================================
17:56:41.0750 1260  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:56:41.0971 1260  \Device\Harddisk0\DR0 - ok
17:56:41.0972 1260  ================ Scan VBR ==================================
17:56:41.0995 1260  [ AB911EE497A7084ECA2AEA4787F846E1 ] \Device\Harddisk0\DR0\Partition1
17:56:41.0997 1260  \Device\Harddisk0\DR0\Partition1 - ok
17:56:42.0002 1260  [ 58F16FE35069897F54FC18C8A354A68E ] \Device\Harddisk0\DR0\Partition2
17:56:42.0004 1260  \Device\Harddisk0\DR0\Partition2 - ok
17:56:42.0035 1260  [ 91A2FBE206C3F9A911F2BD4E11240036 ] \Device\Harddisk0\DR0\Partition3
17:56:42.0037 1260  \Device\Harddisk0\DR0\Partition3 - ok
17:56:42.0038 1260  ============================================================
17:56:42.0038 1260  Scan finished
17:56:42.0038 1260  ============================================================
17:56:42.0055 0824  Detected object count: 0
17:56:42.0056 0824  Actual detected object count: 0
 

Nowe logi z OTL.

OTL

Kod: Zaznacz cały

 OTL logfile created on: 2013-03-30 18:01:27 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\!domowy komputer\Pulpit
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,35% Memory free
5,99 Gb Paging File | 4,68 Gb Available in Paging File | 78,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 19,43 Gb Total Space | 2,22 Gb Free Space | 11,43% Space Free | Partition Type: NTFS
Drive D: | 213,29 Gb Total Space | 58,01 Gb Free Space | 27,20% Space Free | Partition Type: NTFS
Drive E: | 3,68 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: DOMOWY-KOMPUTER | User Name: domowy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-03-28 21:31:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\!domowy komputer\Pulpit\OTL.exe
PRC - [2013-03-11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-11-23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- D:\AVAST !\AvastUI.exe
PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- D:\AVAST !\AvastSvc.exe
PRC - [2012-10-10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-10-02 20:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012-10-02 20:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-01-18 13:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-03-11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013-03-11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013-03-11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013-03-11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013-03-11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013-03-11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2011-03-17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate)
SRV - [2013-03-13 15:37:36 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- D:\AVAST !\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-10-10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-09-20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010-12-04 10:53:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-11-03 22:33:00 | 004,045,280 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2012-10-30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-10-30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-10-30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-10-30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012-10-30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012-10-15 17:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012-10-10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011-08-17 08:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011-08-11 15:20:17 | 000,083,872 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011-08-11 15:20:17 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011-05-31 00:05:48 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-05-13 02:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011-05-13 02:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011-05-13 02:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011-05-13 02:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011-05-13 02:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010-12-02 11:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-12-02 11:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-13 23:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\AVAST !\WebRep\FF [2013-01-18 17:48:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: D:\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: D:\plugins [2013-03-18 12:13:26 | 000,000,000 | ---D | M]
 
[2013-03-28 21:33:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\domowy\AppData\Roaming\mozilla\Firefox\Profiles\u9p6bgfz.default\extensions
[2012-05-22 00:04:10 | 000,002,357 | ---- | M] () -- \searchplugins\babylon.xml
[2013-03-28 21:33:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-03-16 20:46:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-03-16 20:46:17 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&AF=108603&babsrc=SP_ss&mntrId=42e3b297000000000000001d0979fef3
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Ares pliki\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\domowy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = D:\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = D:\Office14\NPSPWRAP.DLL
CHR - Extension: Dokumenty Google = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! WebRep = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013-03-02 00:02:56 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\AVAST !\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\AVAST !\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] D:\AVAST !\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] D:\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-744159667-1628034061-4057805603-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-744159667-1628034061-4057805603-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - D:\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16918B4B-DA70-4585-B86F-7F2368F478B3}: DhcpNameServer = 192.168.100.1 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-04-03 18:05:09 | 000,000,000 | ---D | M] - D:\AutoRun -- [ NTFS ]
O32 - AutoRun File - [2003-10-31 19:54:48 | 000,618,496 | ---- | M] (Electronic Arts Inc.) - D:\AutoRun.exe -- [ NTFS ]
O32 - AutoRun File - [2003-10-31 19:54:48 | 000,000,108 | ---- | M] () - D:\AUTORUN.FCB -- [ NTFS ]
O32 - AutoRun File - [2003-10-29 10:57:08 | 000,811,008 | ---- | M] (Electronic Arts Inc.) - D:\AutoRunGUI.dll -- [ NTFS ]
O32 - AutoRun File - [2009-10-27 00:00:00 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-03-29 15:30:45 | 000,000,000 | -HSD | C] -- C:\Boot
[2013-03-28 21:34:36 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013-03-28 21:31:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\!domowy komputer\Pulpit\OTL.exe
[2013-03-28 21:01:46 | 004,843,904 | ---- | C] (Swearware) -- D:\!domowy komputer\Pulpit\ComboFix.exe
[2013-03-27 22:18:14 | 000,000,000 | ---D | C] -- C:\Users\domowy\AppData\Local\Apps
[2013-03-26 13:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcGIS
[2013-03-26 13:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013-03-26 13:17:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\1033
[2013-03-25 11:15:01 | 000,000,000 | ---D | C] -- C:\Users\domowy\ArcSDE_Personal
[2013-03-25 00:18:13 | 000,000,000 | ---D | C] -- C:\Users\domowy\AppData\Roaming\Download Manager
[2013-03-20 21:15:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013-03-18 23:42:53 | 000,000,000 | ---D | C] -- C:\Users\domowy\AppData\Roaming\TS3Client
[2013-03-18 12:07:28 | 000,000,000 | ---D | C] -- C:\Users\domowy\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2013-03-18 12:07:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2013-03-18 12:07:21 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013-03-13 23:55:54 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013-03-13 23:55:54 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013-03-13 23:55:53 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013-03-13 23:55:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013-03-13 23:55:53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013-03-13 23:55:52 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013-03-13 23:55:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013-03-13 23:55:50 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013-03-12 21:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftPerfect
[2013-03-12 21:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx
[2013-03-10 12:49:21 | 000,000,000 | ---D | C] -- D:\!domowy komputer\Moje dokumenty\Stronghold Crusader
[2013-03-10 11:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-03-10 11:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-03-08 12:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
[2013-03-06 12:10:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013-03-02 00:06:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-03-30 16:47:21 | 000,010,560 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-30 16:47:21 | 000,010,560 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-30 12:45:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-28 21:31:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\!domowy komputer\Pulpit\OTL.exe
[2013-03-28 21:02:03 | 004,843,904 | ---- | M] (Swearware) -- D:\!domowy komputer\Pulpit\ComboFix.exe
[2013-03-21 23:50:01 | 000,086,887 | ---- | M] () -- D:\!domowy komputer\Pulpit\kregi.jpg
[2013-03-18 12:13:26 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-03-14 08:17:03 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-03-14 00:08:47 | 000,701,310 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-03-14 00:08:47 | 000,619,002 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-03-14 00:08:47 | 000,136,328 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-03-14 00:08:47 | 000,107,322 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-03-13 15:37:35 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013-03-13 15:37:35 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013-03-10 13:47:04 | 000,003,584 | ---- | M] () -- C:\Users\domowy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-10 11:47:00 | 000,210,760 | ---- | M] () -- D:\!domowy komputer\Moje dokumenty\kopiazapasowamarzec13.reg
[2013-03-10 11:41:30 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-03-02 00:02:56 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-03-30 01:40:05 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2013-03-25 11:15:01 | 000,005,062 | ---- | C] () -- C:\Users\domowy\10UninstallUtilityGuide.htm
[2013-03-21 20:00:31 | 000,086,887 | ---- | C] () -- D:\!domowy komputer\Pulpit\kregi.jpg
[2013-03-18 12:13:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013-03-18 12:13:26 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-03-10 13:47:04 | 000,003,584 | ---- | C] () -- C:\Users\domowy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-10 11:46:55 | 000,210,760 | ---- | C] () -- D:\!domowy komputer\Moje dokumenty\kopiazapasowamarzec13.reg
[2013-03-10 11:41:30 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-03-06 12:10:35 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011-11-27 22:22:35 | 000,000,172 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2011-11-27 22:13:13 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
[2011-10-08 22:17:50 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011-10-04 09:54:34 | 000,000,067 | ---- | C] () -- C:\Windows\System32\UpdateVersion.ini
[2011-08-10 21:16:45 | 000,083,872 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011-08-10 21:16:44 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011-06-25 19:47:19 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-06-25 19:46:25 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-05-21 16:30:42 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011-03-31 20:40:38 | 000,007,597 | ---- | C] () -- C:\Users\domowy\AppData\Local\Resmon.ResmonCfg
[2011-01-12 12:56:46 | 000,000,117 | ---- | C] () -- C:\Users\domowy\jagex_runescape_preferences2.dat
[2011-01-12 12:55:46 | 000,000,034 | ---- | C] () -- C:\Users\domowy\jagex_runescape_preferences.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-08-21 11:25:48 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Audacity
[2013-01-13 11:16:10 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\BabSolution
[2013-03-10 11:45:26 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\DAEMON Tools Lite
[2013-03-18 12:07:28 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2012-05-15 14:11:14 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Gadu-Gadu 10
[2011-09-24 11:41:45 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\ipla
[2011-05-31 11:23:24 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Lionhead Studios
[2012-03-26 10:48:09 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Mount&Blade Warband
[2011-07-04 20:25:28 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\OpenFM
[2010-12-04 10:27:12 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\OpenOffice.org
[2012-06-29 18:06:40 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Opera
[2012-05-09 08:38:15 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Origin
[2012-04-27 11:43:19 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Podatnik.info
[2011-11-27 22:13:13 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2013-03-19 00:00:21 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\TS3Client
[2011-10-08 21:21:28 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\UDC Profiles
[2013-03-10 11:45:25 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\uTorrent
[2012-05-22 00:03:59 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\YourFileDownloader
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >
   

EXTRAS

Kod: Zaznacz cały

 OTL Extras logfile created on: 2013-03-30 18:01:27 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\!domowy komputer\Pulpit
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,35% Memory free
5,99 Gb Paging File | 4,68 Gb Available in Paging File | 78,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 19,43 Gb Total Space | 2,22 Gb Free Space | 11,43% Space Free | Partition Type: NTFS
Drive D: | 213,29 Gb Total Space | 58,01 Gb Free Space | 27,20% Space Free | Partition Type: NTFS
Drive E: | 3,68 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: DOMOWY-KOMPUTER | User Name: domowy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
"{0CB1BFA2-1D06-4FEB-8025-0BA00243577A}" = Windows 7 Manager
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8727531E-6C58-4852-A90B-39CF45E269A9}" = OpenOffice.org 3.2
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0015-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC63F331-8D46-46BC-A0DA-9B3DF927FD3A}" = Pro Evolution Soccer 6 DEMO
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4C0A315-07FB-39F9-85CD-8CE20C019350}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Foxit Reader" = Foxit Reader
"Google Chrome" = Google Chrome
"InstallShield_{AC63F331-8D46-46BC-A0DA-9B3DF927FD3A}" = Pro Evolution Soccer 6 DEMO
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.9.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Nero8Lite_is1" = Nero 8 Lite 8.3.6.0
"NetWorx_is1" = NetWorx 5.2.6
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxTab PDF Creator" = FoxTab PDF Creator
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2013-01-18 13:24:01 | Computer Name = domowy-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\AVAST !\AvastUI.exe".
Nie
 można odnaleźć zestawu zależnego Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 2013-01-18 13:41:37 | Computer Name = domowy-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: SoftonicDownloader_for_microsoft-visual-basic.exe,
 wersja: 1.37.0.0, sygnatura czasowa: 0x50b6373a  Nazwa modułu powodującego błąd:
SoftonicDownloader_for_microsoft-visual-basic.exe, wersja: 1.37.0.0, sygnatura czasowa:
 0x50b6373a  Kod wyjątku: 0xc0000005  Przesunięcie błędu: 0x000b833b  Identyfikator procesu
 powodującego błąd: 0xfac  Godzina uruchomienia aplikacji powodującej błąd: 0x01cdf5a2ff2d1b32
Ścieżka
 aplikacji powodującej błąd: D:\!domowy komputer\!downloads\SoftonicDownloader_for_microsoft-visual-basic.exe
Ścieżka
 modułu powodującego błąd: D:\!domowy komputer\!downloads\SoftonicDownloader_for_microsoft-visual-basic.exe
Identyfikator
 raportu: 4e9472e0-6196-11e2-9e7a-001d0979fef3
 
Error - 2013-02-01 19:13:38 | Computer Name = domowy-Komputer | Source = MsiInstaller | ID = 1024
Description =
 
Error - 2013-01-06 19:18:21 | Computer Name = domowy-Komputer | Source = MsiInstaller | ID = 11304
Description =
 
Error - 2013-01-06 19:18:33 | Computer Name = domowy-Komputer | Source = MsiInstaller | ID = 1024
Description =
 
Error - 2013-02-08 22:02:03 | Computer Name = domowy-Komputer | Source = MsiInstaller | ID = 11711
Description =
 
Error - 2013-02-08 22:02:04 | Computer Name = domowy-Komputer | Source = MsiInstaller | ID = 1024
Description =
 
Error - 2013-02-09 17:02:33 | Computer Name = domowy-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 14.0.835.202,
 sygnatura czasowa: 0x4e84cf5b  Nazwa modułu powodującego błąd: ntdll.dll, wersja:
 6.1.7601.17725, sygnatura czasowa: 0x4ec49b60  Kod wyjątku: 0xc000000d  Przesunięcie
 błędu: 0x00097c41  Identyfikator procesu powodującego błąd: 0xd50  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01ce0707b61ca9c7  Ścieżka aplikacji powodującej błąd:
 C:\Users\domowy\AppData\Local\Google\Chrome\Application\chrome.exe  Ścieżka modułu
 powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll  Identyfikator raportu: 0542076b-72fc-11e2-ab9c-001d0979fef3
 
Error - 2013-02-12 19:47:32 | Computer Name = domowy-Komputer | Source = MsiInstaller | ID = 11307
Description =
 
Error - 2013-02-12 19:47:54 | Computer Name = domowy-Komputer | Source = MsiInstaller | ID = 1024
Description =
 
[ System Events ]
Error - 2013-03-29 20:41:54 | Computer Name = domowy-Komputer | Source = Microsoft-Windows-TaskScheduler | ID = 701
Description = Usługa Harmonogram zadań nie może uruchomić modułu zgodności zadań.
 Rejestrowanie zadań we wcześniejszych wersjach systemu Windows prawdopodobnie nie
 będzie możliwe. Dodatkowe dane: Wartość błędu: 2147942405.
 
Error - 2013-03-29 20:41:55 | Computer Name = domowy-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Menedżer połączeń usługi Dostęp zdalny zależy od usługi Telefonia,
 której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2013-03-29 20:41:55 | Computer Name = domowy-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Udostępnianie połączenia internetowego (ICS) zależy od usługi
 Menedżer połączeń usługi Dostęp zdalny, której nie można uruchomić z powodu następującego
 błędu:   %%1068
 
Error - 2013-03-29 20:43:02 | Computer Name = domowy-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2013-03-29 20:43:56 | Computer Name = domowy-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
 następującego błędu:   %%2
 
Error - 2013-03-29 21:28:39 | Computer Name = domowy-Komputer | Source = volsnap | ID = 393252
Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie
 można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.
 
Error - 2013-03-30 07:45:17 | Computer Name = domowy-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Menedżer połączeń usługi Dostęp zdalny zależy od usługi Telefonia,
 której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2013-03-30 07:45:17 | Computer Name = domowy-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Udostępnianie połączenia internetowego (ICS) zależy od usługi
 Menedżer połączeń usługi Dostęp zdalny, której nie można uruchomić z powodu następującego
 błędu:   %%1068
 
Error - 2013-03-30 07:45:46 | Computer Name = domowy-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2013-03-30 07:47:18 | Computer Name = domowy-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
 następującego błędu:   %%2
 
 
< End of report >
 

Log z ADWCleaner( z opcji Delete)

Kod: Zaznacz cały

 # AdwCleaner v2.115 - Log utworzony 30/03/2013 o 18:14:39
# Aktualizacja 17/03/2013 przez Xplode
# System operacyjny : Windows 7 Ultimate Service Pack 1 (32 bits)
# Użytkownik : domowy - DOMOWY-KOMPUTER
# Tryb uruchomienia : Normalny
# Ścieżka : D:\adwcleaner_www.INSTALKI.pl.exe
# Opcja [Usuń]


***** [Usługi] *****


***** [Pliki / Foldery] *****

Folder Usunięto : C:\Program Files\DAEMON Tools Toolbar
Folder Usunięto : C:\Program Files\yourfiledownloader
Folder Usunięto : C:\ProgramData\InstallMate
Folder Usunięto : C:\ProgramData\Premium
Folder Usunięto : C:\ProgramData\Tarma Installer
Folder Usunięto : C:\Users\domowy\AppData\Local\Babylon
Folder Usunięto : C:\Users\domowy\AppData\LocalLow\BabylonToolbar
Folder Usunięto : C:\Users\domowy\AppData\LocalLow\Funmoods
Folder Usunięto : C:\Users\domowy\AppData\Roaming\BabSolution
Folder Usunięto : C:\Users\domowy\AppData\Roaming\yourfiledownloader
Plik Usunięto : C:\user.js

***** [Rejestr] *****

Klucz Usunięto : HKCU\Software\1ClickDownload
Klucz Usunięto : HKCU\Software\Conduit
Klucz Usunięto : HKCU\Software\InstallCore
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klucz Usunięto : HKCU\Software\Softonic
Klucz Usunięto : HKCU\Software\YourFileDownloader
Klucz Usunięto : HKLM\Software\Babylon
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klucz Usunięto : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Prod.cap
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Klucz Usunięto : HKLM\Software\Iminent
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Klucz Usunięto : HKLM\Software\YourFileDownloader

***** [Przeglądarki Internetowe] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Rejestr w porządku.

-\\ Google Chrome v25.0.1364.172

Plik : C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Preferences

Usunięto [l.33] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Usunięto [l.36] : keyword = "babylon.com",
Usunięto [l.39] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&AF=108603&babsrc=SP_ss&mntrId=42e3b2[...]

-\\ Opera v [Nie udało się określić wersji]

Plik : C:\Users\domowy\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Plik w porządku.

*************************

AdwCleaner[R1].txt - [4077 octets] - [30/03/2013 18:00:02]
AdwCleaner[S1].txt - [330 octets] - [30/03/2013 17:59:38]
AdwCleaner[S2].txt - [3895 octets] - [30/03/2013 18:14:39]

########## EOF - C:\AdwCleaner[S2].txt - [3955 octets] ##########
 

[kominekl]

ADWCleaner.

Odinstaluj.

Logi.

Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:

:OTL

IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
[2012-05-22 00:04:10 | 000,002,357 | ---- | M] () -- \searchplugins\babylon.xml

:Files
$RECYCLE.BIN /alldrives
D:\!domowy komputer\Pulpit\ComboFix.exe
C:\Windows\temp

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podaj log z Autoruns.

[Shlen]

Log z usuwania

Kod: Zaznacz cały

 All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
File move failed. \searchplugins\babylon.xml scheduled to be moved on reboot.
========== FILES ==========
C:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001 folder moved successfully.
C:\$RECYCLE.BIN folder moved successfully.
D:\$RECYCLE.BIN\S-1-5-21-744159667-1628034061-4057805603-1001 folder moved successfully.
D:\$RECYCLE.BIN folder moved successfully.
$RECYCLE.BIN not found in E:\
D:\!domowy komputer\Pulpit\ComboFix.exe moved successfully.
Folder move failed. C:\Windows\temp\_avast_ scheduled to be moved on reboot.
Folder move failed. C:\Windows\temp scheduled to be moved on reboot.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 54776 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: domowy
->Temp folder emptied: 9343876 bytes
->Temporary Internet Files folder emptied: 6321317 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 240199934 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 54797 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 244,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 03302013_230240

Files\Folders moved on Reboot...
File\Folder \searchplugins\babylon.xml not found!
Folder move failed. C:\Windows\temp\_avast_ scheduled to be moved on reboot.
Folder move failed. C:\Windows\temp\_avast_ scheduled to be moved on reboot.
Folder move failed. C:\Windows\temp scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

Log z Autoruns

Dostępne tylko dla zarejestrowanych użytkowników

[kominekl]

Autoruns.

W trybie awaryjnym, w Autoruns odznacz, a następnie usuń (co się będzie dało):

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Adobe ARM
BCSSync
IgfxTray
Persistence
SunJavaUpdateSched

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components

Wszystko.

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

Wszystko.

HKLM\Software\Microsoft\Internet Explorer\Extensions

Wszystko.

Task Scheduler

Wszystko.

HKLM\System\CurrentControlSet\Services

AdobeARMservice
gupdate
gupdatem
Microsoft SharePoint Workspace Audit Service
npggsvc
nvsvc
nvUpdatusService
ose
osppsvc
Stereo Service
WinDefend

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

igfxcui

Logi.

Następnie podajesz nowe logi z OTL.

[Shlen]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

Nie dało się usunąć -tylko odznaczone

HKLM\Software\Microsoft\Internet Explorer\Extensions

Nie dało się usunąć-tylko odznaczone

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

Nie dało się usunąć -tylko odznaczone

zaraz wrzuce logi

-- 31 mar 2013, 01:27 --

Logi tylko 1 mi wyrzuciło

Kod: Zaznacz cały

OTL logfile created on: 2013-03-31 00:16:31 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = D:\!domowy komputer\Pulpit
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 74,20% Memory free
5,99 Gb Paging File | 5,11 Gb Available in Paging File | 85,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 19,43 Gb Total Space | 3,20 Gb Free Space | 16,48% Space Free | Partition Type: NTFS
Drive D: | 213,29 Gb Total Space | 111,35 Gb Free Space | 52,20% Space Free | Partition Type: NTFS
 
Computer Name: DOMOWY-KOMPUTER | User Name: domowy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-03-28 21:31:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\!domowy komputer\Pulpit\OTL.exe
PRC - [2013-03-11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-11-23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- D:\AVAST !\AvastUI.exe
PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- D:\AVAST !\AvastSvc.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-03-11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013-03-11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013-03-11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013-03-11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013-03-11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013-03-11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2011-03-17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013-03-13 15:37:36 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- D:\AVAST !\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-12-04 10:53:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2012-10-30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-10-30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-10-30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-10-30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012-10-30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012-10-15 17:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012-10-10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011-08-11 15:20:17 | 000,083,872 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011-08-11 15:20:17 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011-05-31 00:05:48 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-05-13 02:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011-05-13 02:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011-05-13 02:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011-05-13 02:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011-05-13 02:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-13 23:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\AVAST !\WebRep\FF [2013-01-18 17:48:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: D:\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: D:\plugins
 
[2013-03-28 21:33:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\domowy\AppData\Roaming\mozilla\Firefox\Profiles\u9p6bgfz.default\extensions
[2013-03-28 21:33:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-03-16 20:46:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-03-16 20:46:17 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&AF=108603&babsrc=SP_ss&mntrId=42e3b297000000000000001d0979fef3
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Ares pliki\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = D:\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\domowy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = D:\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = D:\Office14\NPSPWRAP.DLL
CHR - Extension: Dokumenty Google = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! WebRep = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Users\domowy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013-03-02 00:02:56 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\AVAST !\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] D:\AVAST !\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-744159667-1628034061-4057805603-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - D:\Office14\ONBttnIE.dll (Microsoft Corporation)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16918B4B-DA70-4585-B86F-7F2368F478B3}: DhcpNameServer = 192.168.100.1 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AutorunsDisabled: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-03-30 23:09:13 | 000,657,600 | ---- | C] (Sysinternals - www.sysinternals.com) -- D:\!domowy komputer\Pulpit\autoruns.exe
[2013-03-30 23:09:13 | 000,576,192 | ---- | C] (Sysinternals - www.sysinternals.com) -- D:\!domowy komputer\Pulpit\autorunsc.exe
[2013-03-30 23:03:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013-03-30 22:29:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-03-29 15:30:45 | 000,000,000 | -HSD | C] -- C:\Boot
[2013-03-28 21:31:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\!domowy komputer\Pulpit\OTL.exe
[2013-03-27 22:18:14 | 000,000,000 | ---D | C] -- C:\Users\domowy\AppData\Local\Apps
[2013-03-26 13:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcGIS
[2013-03-25 11:15:01 | 000,000,000 | ---D | C] -- C:\Users\domowy\ArcSDE_Personal
[2013-03-25 00:18:13 | 000,000,000 | ---D | C] -- C:\Users\domowy\AppData\Roaming\Download Manager
[2013-03-20 21:15:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013-03-18 23:42:53 | 000,000,000 | ---D | C] -- C:\Users\domowy\AppData\Roaming\TS3Client
[2013-03-18 12:07:28 | 000,000,000 | ---D | C] -- C:\Users\domowy\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2013-03-18 12:07:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2013-03-18 12:07:21 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013-03-13 23:55:54 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013-03-13 23:55:54 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013-03-13 23:55:53 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013-03-13 23:55:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013-03-13 23:55:53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013-03-13 23:55:52 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013-03-13 23:55:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013-03-13 23:55:50 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013-03-12 21:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftPerfect
[2013-03-12 21:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx
[2013-03-10 12:49:21 | 000,000,000 | ---D | C] -- D:\!domowy komputer\Moje dokumenty\Stronghold Crusader
[2013-03-10 11:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-03-10 11:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-03-08 12:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
[2013-03-06 12:10:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013-03-02 00:06:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-03-31 00:14:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-30 23:47:43 | 000,010,560 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-30 23:47:43 | 000,010,560 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-30 22:31:14 | 000,691,144 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-03-30 22:31:14 | 000,610,102 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-03-30 22:31:14 | 000,132,638 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-03-30 22:31:14 | 000,104,420 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-03-28 21:31:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\!domowy komputer\Pulpit\OTL.exe
[2013-03-24 23:24:06 | 000,657,600 | ---- | M] (Sysinternals - www.sysinternals.com) -- D:\!domowy komputer\Pulpit\autoruns.exe
[2013-03-24 23:24:06 | 000,576,192 | ---- | M] (Sysinternals - www.sysinternals.com) -- D:\!domowy komputer\Pulpit\autorunsc.exe
[2013-03-21 23:50:01 | 000,086,887 | ---- | M] () -- D:\!domowy komputer\Pulpit\kregi.jpg
[2013-03-18 12:13:26 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-03-17 16:52:14 | 000,049,518 | ---- | M] () -- D:\!domowy komputer\Pulpit\autoruns.chm
[2013-03-14 08:17:03 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-03-13 15:37:35 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013-03-13 15:37:35 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013-03-10 13:47:04 | 000,003,584 | ---- | M] () -- C:\Users\domowy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-10 11:47:00 | 000,210,760 | ---- | M] () -- D:\!domowy komputer\Moje dokumenty\kopiazapasowamarzec13.reg
[2013-03-10 11:41:30 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-03-02 00:02:56 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-03-30 23:09:13 | 000,049,518 | ---- | C] () -- D:\!domowy komputer\Pulpit\autoruns.chm
[2013-03-30 01:40:05 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2013-03-25 11:15:01 | 000,005,062 | ---- | C] () -- C:\Users\domowy\10UninstallUtilityGuide.htm
[2013-03-21 20:00:31 | 000,086,887 | ---- | C] () -- D:\!domowy komputer\Pulpit\kregi.jpg
[2013-03-18 12:13:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013-03-18 12:13:26 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-03-10 13:47:04 | 000,003,584 | ---- | C] () -- C:\Users\domowy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-10 11:46:55 | 000,210,760 | ---- | C] () -- D:\!domowy komputer\Moje dokumenty\kopiazapasowamarzec13.reg
[2013-03-10 11:41:30 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-03-06 12:10:35 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011-11-27 22:22:35 | 000,000,172 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2011-11-27 22:13:13 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
[2011-10-08 22:17:50 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011-10-04 09:54:34 | 000,000,067 | ---- | C] () -- C:\Windows\System32\UpdateVersion.ini
[2011-08-10 21:16:45 | 000,083,872 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011-08-10 21:16:44 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011-06-25 19:47:19 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-06-25 19:46:25 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-05-21 16:30:42 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011-03-31 20:40:38 | 000,007,597 | ---- | C] () -- C:\Users\domowy\AppData\Local\Resmon.ResmonCfg
[2011-01-12 12:56:46 | 000,000,117 | ---- | C] () -- C:\Users\domowy\jagex_runescape_preferences2.dat
[2011-01-12 12:55:46 | 000,000,034 | ---- | C] () -- C:\Users\domowy\jagex_runescape_preferences.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-08-21 11:25:48 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Audacity
[2013-03-10 11:45:26 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\DAEMON Tools Lite
[2013-03-18 12:07:28 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2012-05-15 14:11:14 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Gadu-Gadu 10
[2011-09-24 11:41:45 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\ipla
[2011-05-31 11:23:24 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Lionhead Studios
[2012-03-26 10:48:09 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Mount&Blade Warband
[2011-07-04 20:25:28 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\OpenFM
[2010-12-04 10:27:12 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\OpenOffice.org
[2012-06-29 18:06:40 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Opera
[2012-05-09 08:38:15 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Origin
[2012-04-27 11:43:19 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\Podatnik.info
[2011-11-27 22:13:13 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2013-03-19 00:00:21 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\TS3Client
[2011-10-08 21:21:28 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\UDC Profiles
[2013-03-10 11:45:25 | 000,000,000 | ---D | M] -- C:\Users\domowy\AppData\Roaming\uTorrent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >