Załapałem jakieś świństwo - prawdopodobnie z facebooka.
wiem,że pakuje coś do hosts i czyszczę to, ale przy każdym uruchomieniu komputera pojawia się to na nowo.
Extras
Kod: Zaznacz cały
OTL Extras logfile created on: 2011-10-31 13:48:46 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Tomek\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,80 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 47,53% Memory free
7,60 Gb Paging File | 5,42 Gb Available in Paging File | 71,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,01 Gb Total Space | 396,68 Gb Free Space | 87,95% Space Free | Partition Type: NTFS
Computer Name: TOMEK | User Name: Tomek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2010
"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{975DFE7C-8E56-45BC-A329-401E6B1F8102}" = Dell Backup and Recovery Manager
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D7647425-7A6F-4DC6-9F9A-71148AB424CD}" = ESET NOD32 Antivirus
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell Support Center" = Dell Support Center
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Dell Touchpad
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{148D9D03-5D23-4D4F-B5D0-BA6030C45DCF}" = Adobe Flash Player 10 ActiveX
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35F7D0BF-08AB-42E3-A403-AF9772AC216A}" = Adobe Flash Player 10 Plugin
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.1) MUI
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F1CECE09-7CBE-4E98-B435-DA87CDA86167}" = Skype™ 5.5
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Aktiv MP3 Recorder" = Aktiv MP3 Recorder
"ALLPlayer_is1" = ALLPlayer V4.X
"blueconnect" = blueconnect
"Dell Webcam Central" = Dell Webcam Central
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"RealPlayer 12.0" = RealPlayer
"VirtualCloneDrive" = VirtualCloneDrive
"WinLiveSuite" = Podstawowe programy Windows Live
"WinRAR archiver" = WinRAR 4.00 (32-bitowy)
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 2011-08-25 15:53:49 | Computer Name = Tomek | Source = RasClient | ID = 20227
Description =
Error - 2011-08-27 03:36:52 | Computer Name = Tomek | Source = RasClient | ID = 20227
Description =
Error - 2011-08-28 14:52:23 | Computer Name = Tomek | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe_LanmanServer, wersja:
6.1.7600.16385, sygnatura czasowa: 0x4a5bc3c1 Nazwa modułu powodującego błąd: SSCORE.DLL,
wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5be092 Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x000000000000170d Identyfikator procesu powodującego błąd: 0x78 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cc65b38dfc5083 Ścieżka aplikacji powodującej błąd:
C:\windows\system32\svchost.exe Ścieżka modułu powodującego błąd: C:\windows\system32\SSCORE.DLL
Identyfikator
raportu: dd4450a3-d1a6-11e0-a4cf-ec55f983351e
Error - 2011-08-28 15:03:29 | Computer Name = Tomek | Source = Windows Backup | ID = 4103
Description =
Error - 2011-08-30 09:23:39 | Computer Name = Tomek | Source = ESENT | ID = 215
Description = WinMail (1624) WindowsMail0: Tworzenie kopii zapasowej zostało zatrzymane,
ponieważ zostało przerwane przez klienta lub nie można nawiązać połączenia z klientem.
Error - 2011-08-30 09:23:47 | Computer Name = Tomek | Source = ESENT | ID = 215
Description = WinMail (3068) WindowsMail0: Tworzenie kopii zapasowej zostało zatrzymane,
ponieważ zostało przerwane przez klienta lub nie można nawiązać połączenia z klientem.
Error - 2011-08-30 14:22:46 | Computer Name = Tomek | Source = RasClient | ID = 20227
Description =
Error - 2011-08-30 14:22:48 | Computer Name = Tomek | Source = RasClient | ID = 20227
Description =
Error - 2011-08-30 14:22:54 | Computer Name = Tomek | Source = RasClient | ID = 20227
Description =
Error - 2011-08-30 14:22:55 | Computer Name = Tomek | Source = RasClient | ID = 20227
Description =
[ Media Center Events ]
Error - 2011-07-31 04:26:22 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 10:26:22 - Błąd podczas nawiązywania połączenia z Internetem. 10:26:22
- Nie można skontaktować się z serwerem..
Error - 2011-07-31 04:26:28 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 10:26:27 - Błąd podczas nawiązywania połączenia z Internetem. 10:26:27
- Nie można skontaktować się z serwerem..
Error - 2011-07-31 05:26:33 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 11:26:33 - Błąd podczas nawiązywania połączenia z Internetem. 11:26:33
- Nie można skontaktować się z serwerem..
Error - 2011-07-31 05:26:39 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 11:26:38 - Błąd podczas nawiązywania połączenia z Internetem. 11:26:38
- Nie można skontaktować się z serwerem..
Error - 2011-07-31 06:26:44 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 12:26:44 - Błąd podczas nawiązywania połączenia z Internetem. 12:26:44
- Nie można skontaktować się z serwerem..
Error - 2011-07-31 06:26:50 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 12:26:49 - Błąd podczas nawiązywania połączenia z Internetem. 12:26:49
- Nie można skontaktować się z serwerem..
Error - 2011-07-31 07:26:56 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 13:26:56 - Błąd podczas nawiązywania połączenia z Internetem. 13:26:56
- Nie można skontaktować się z serwerem..
Error - 2011-07-31 07:27:02 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 13:27:01 - Błąd podczas nawiązywania połączenia z Internetem. 13:27:01
- Nie można skontaktować się z serwerem..
Error - 2011-08-24 10:11:16 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 16:11:16 - Błąd podczas nawiązywania połączenia z Internetem. 16:11:16
- Nie można skontaktować się z serwerem..
Error - 2011-08-24 10:11:26 | Computer Name = Tomek | Source = MCUpdate | ID = 0
Description = 16:11:21 - Błąd podczas nawiązywania połączenia z Internetem. 16:11:21
- Nie można skontaktować się z serwerem..
[ System Events ]
Error - 2011-09-02 11:24:14 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
Error - 2011-09-04 06:49:12 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
Error - 2011-09-04 23:43:29 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
Error - 2011-09-05 09:39:08 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
Error - 2011-09-06 03:02:56 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
Error - 2011-09-06 10:02:33 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
Error - 2011-09-06 15:05:16 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
Error - 2011-09-07 03:03:36 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
Error - 2011-09-08 05:36:46 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
Error - 2011-09-08 12:40:23 | Computer Name = Tomek | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom
< End of report >
OTL
Kod: Zaznacz cały
OTL logfile created on: 2011-10-31 13:48:46 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Tomek\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,80 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 47,53% Memory free
7,60 Gb Paging File | 5,42 Gb Available in Paging File | 71,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,01 Gb Total Space | 396,68 Gb Free Space | 87,95% Space Free | Partition Type: NTFS
Computer Name: TOMEK | User Name: Tomek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011-10-31 13:48:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Downloads\OTL.exe
PRC - [2011-10-30 11:31:25 | 001,942,528 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-10-30 11:31:25 | 001,942,528 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-10-30 11:31:25 | 001,942,528 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-10-30 11:31:25 | 001,942,528 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-10-30 11:31:25 | 001,942,528 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-10-30 11:31:25 | 001,942,528 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-28 22:15:24 | 000,344,576 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011-10-27 15:19:02 | 000,376,832 | ---- | M] () -- C:\Windows\update.7.1\svchostdriver.exe
PRC - [2011-10-27 15:05:15 | 000,258,048 | ---- | M] () -- C:\Windows\sysdriver32.exe
PRC - [2011-10-27 14:52:28 | 001,198,080 | -H-- | M] (Cronosoft) -- C:\Windows\update.tray-2-0\svchost.exe
PRC - [2011-10-27 14:52:28 | 001,198,080 | -H-- | M] (Cronosoft) -- C:\Windows\update.tray-2-0\svchost.exe
PRC - [2011-10-27 14:52:28 | 001,198,080 | -H-- | M] (Cronosoft) -- C:\Windows\update.1\svchost.exe
PRC - [2011-10-27 14:52:28 | 001,198,080 | -H-- | M] (Cronosoft) -- C:\Windows\update.1\svchost.exe
PRC - [2011-10-27 14:52:28 | 001,198,080 | -H-- | M] (Cronosoft) -- C:\Windows\update.1\svchost.exe
PRC - [2011-07-26 13:37:37 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011-06-06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-05-02 12:23:12 | 001,932,288 | ---- | M] () -- C:\Program Files (x86)\Aktiv MP3 Recorder\Aktiv MP3 Recorder.exe
PRC - [2010-09-24 16:20:14 | 000,727,664 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010-08-20 00:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010-08-19 09:52:14 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010-08-19 09:52:04 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010-07-02 12:10:28 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010-07-02 12:10:24 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010-05-24 22:44:48 | 000,151,552 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe
PRC - [2010-04-24 00:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010-04-24 00:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010-03-04 02:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010-03-04 02:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009-12-31 13:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Tomek\AppData\Roaming\blueconnect\ouc.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2011-10-26 09:10:46 | 000,420,920 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
MOD - [2011-10-26 09:10:45 | 003,702,840 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll
MOD - [2011-10-26 09:09:09 | 000,122,952 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Google\Chrome\Application\15.0.874.106\avutil-51.dll
MOD - [2011-10-26 09:09:07 | 000,222,280 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Google\Chrome\Application\15.0.874.106\avformat-53.dll
MOD - [2011-10-26 09:09:06 | 001,745,992 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Google\Chrome\Application\15.0.874.106\avcodec-53.dll
MOD - [2011-10-26 06:14:43 | 008,587,936 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll
MOD - [2011-10-26 06:14:43 | 008,587,936 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Google\Chrome\APPLIC~1\150874~1.106\gcswf32.dll
MOD - [2011-10-13 18:54:18 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll
MOD - [2011-10-13 18:33:46 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011-10-13 18:33:02 | 012,433,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011-10-13 18:32:47 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011-10-13 18:32:18 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011-10-13 18:32:09 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011-10-13 18:32:02 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011-10-13 18:32:00 | 007,963,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011-10-13 18:31:48 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011-05-02 12:23:12 | 001,932,288 | ---- | M] () -- C:\Program Files (x86)\Aktiv MP3 Recorder\Aktiv MP3 Recorder.exe
MOD - [2011-04-10 16:07:54 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011-03-15 06:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
MOD - [2011-03-15 06:13:46 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010-11-13 03:37:37 | 000,311,296 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010-09-24 16:20:14 | 000,727,664 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2004-07-29 00:19:46 | 000,175,104 | ---- | M] () -- C:\Windows\SysWOW64\lame_enc.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2010-09-23 00:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-08-05 13:27:06 | 000,265,728 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-03-03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011-10-27 15:19:02 | 000,376,832 | ---- | M] () [Auto | Running] -- C:\windows\update.7.1\svchostdriver.exe -- (ddservice)
SRV - [2011-10-27 15:05:15 | 000,258,048 | ---- | M] () [Auto | Running] -- C:\windows\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011-06-06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-06-06 07:04:13 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2010-09-02 00:28:26 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010-08-19 09:52:04 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010-07-02 12:10:28 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010-07-02 12:10:24 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010-05-24 22:44:48 | 000,151,552 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2010-04-24 00:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010-04-24 00:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-04 02:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-01-15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:[b]64bit:[/b] - [2010-12-21 14:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2010-12-21 14:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2010-12-21 12:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:[b]64bit:[/b] - [2010-12-16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-10-07 01:12:24 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2010-09-03 22:46:48 | 001,392,688 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2010-09-02 00:06:46 | 000,054,120 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2010-08-30 23:14:36 | 000,272,744 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2010-08-25 18:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010-08-20 17:05:18 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:[b]64bit:[/b] - [2010-08-20 17:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:[b]64bit:[/b] - [2010-08-12 16:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:[b]64bit:[/b] - [2010-08-05 13:27:06 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2010-07-08 04:21:46 | 000,156,520 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2010-07-08 04:21:44 | 000,203,624 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2010-07-08 04:21:34 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2010-07-08 04:21:34 | 000,031,080 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2010-07-08 04:21:32 | 000,297,320 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2010-06-24 02:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-06-18 02:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2010-04-24 00:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2010-04-24 00:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2010-04-24 00:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2010-04-24 00:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2010-04-09 14:24:38 | 000,079,360 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:[b]64bit:[/b] - [2010-04-09 14:24:32 | 000,076,288 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:[b]64bit:[/b] - [2010-03-20 10:56:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:[b]64bit:[/b] - [2010-03-04 01:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010-02-27 01:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2010-02-03 15:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:[b]64bit:[/b] - [2009-09-18 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=pl&l=pl&s=pad
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Tomek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Tomek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-07-26 13:37:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tomek\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tomek\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Tomek\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
O1 HOSTS File: ([2011-10-31 13:29:04 | 000,202,936 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 127.0.0.1 tl-ph.facebook.com
O1 - Hosts: 127.0.0.1 fo-fo.facebook.com
O1 - Hosts: 127.0.0.1 fr-fr.facebook.com
O1 - Hosts: 127.0.0.1 fy-nl.facebook.com
O1 - Hosts: 127.0.0.1 ga-ie.facebook.com
O1 - Hosts: 127.0.0.1 gl-es.facebook.com
O1 - Hosts: 127.0.0.1 ko-kr.facebook.com
O1 - Hosts: 127.0.0.1 hr-hr.facebook.com
O1 - Hosts: 127.0.0.1 is-is.facebook.com
O1 - Hosts: 50051 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice File not found
O4:[b]64bit:[/b] - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PrnStatusMX] C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PATHPILOT] C:\Program Files (x86)\Aktiv MP3 Recorder\Aktiv MP3 Recorder.lnk ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-2-0\svchost.exe (Cronosoft)
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [wxpdrv] C:\Windows\services32.exe (Cronosoft)
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [HW_OPENEYE_OUC_blueconnect] C:\Program Files (x86)\blueconnect\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF02A8F3-EBC2-4D4B-A7C8-25DB24E3EC26}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C119A2B0-23C5-472D-ABB8-9253FF5D4AC7}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0a3c918e-764b-11e0-875f-ec55f983351e}\Shell - "" = AutoRun
O33 - MountPoints2\{0a3c918e-764b-11e0-875f-ec55f983351e}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{0a3c918e-764b-11e0-875f-ec55f983351e}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{0a3c918e-764b-11e0-875f-ec55f983351e}\Shell\install\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{26e2b0e5-7820-11e0-9736-ec55f983351e}\Shell - "" = AutoRun
O33 - MountPoints2\{26e2b0e5-7820-11e0-9736-ec55f983351e}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{26e2b0f7-7820-11e0-9736-ec55f983351e}\Shell - "" = AutoRun
O33 - MountPoints2\{26e2b0f7-7820-11e0-9736-ec55f983351e}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{47a9243b-794e-11e0-9e2f-782bcbe5ec98}\Shell - "" = AutoRun
O33 - MountPoints2\{47a9243b-794e-11e0-9e2f-782bcbe5ec98}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{b0c25ecc-7df3-11e0-93df-782bcbe5ec98}\Shell - "" = AutoRun
O33 - MountPoints2\{b0c25ecc-7df3-11e0-93df-782bcbe5ec98}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011-10-31 13:28:45 | 000,000,000 | R--D | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2011-10-28 11:33:34 | 000,000,000 | ---D | C] -- C:\windows\ufa
[2011-10-27 18:07:35 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\ElevatedDiagnostics
[2011-10-27 17:58:46 | 000,000,000 | ---D | C] -- C:\windows\rpcminer
[2011-10-27 17:58:46 | 000,000,000 | ---D | C] -- C:\windows\phoenix
[2011-10-27 15:19:03 | 000,000,000 | -H-D | C] -- C:\windows\update.7.1
[2011-10-27 15:18:40 | 000,000,000 | -H-D | C] -- C:\windows\update.5.0
[2011-10-27 15:17:44 | 000,000,000 | -H-D | C] -- C:\windows\update.8.1
[2011-10-27 15:13:17 | 000,000,000 | -H-D | C] -- C:\windows\update.2
[2011-10-27 15:04:58 | 000,000,000 | ---D | C] -- C:\windows\av_ico
[2011-10-27 15:03:30 | 000,000,000 | -H-D | C] -- C:\windows\update.1
[2011-10-27 15:03:29 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-2-0-lnk
[2011-10-27 15:03:29 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-2-0
[2011-10-27 14:52:46 | 001,198,080 | ---- | C] (Cronosoft) -- C:\windows\services32.exe
[2011-10-25 21:08:35 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Facebook
[2011-10-20 17:31:48 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\dvdcss
[2011-10-20 17:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011-10-20 15:50:51 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Desktop\udostępniony
[2011-10-13 17:21:16 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011-10-13 17:21:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011-10-13 17:21:15 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2011-10-13 17:21:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2011-10-13 17:21:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011-10-13 17:21:12 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2011-10-13 17:21:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2011-10-13 17:21:12 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2011-10-13 17:21:11 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2011-10-13 12:56:29 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisdecd.dll
[2011-10-13 12:56:29 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2011-10-13 12:56:28 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisdecd.dll
[2011-10-13 12:56:28 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2011-10-13 12:56:06 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2011-10-13 12:56:06 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleacc.dll
[2011-10-10 08:56:20 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\{A66A73DE-0A2A-4B5A-BFEB-259B2E69B426}
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011-10-31 13:37:26 | 000,013,872 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-10-31 13:37:26 | 000,013,872 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-10-31 13:36:19 | 001,551,270 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011-10-31 13:36:19 | 000,698,590 | ---- | M] () -- C:\windows\SysNative\perfh015.dat
[2011-10-31 13:36:19 | 000,616,686 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011-10-31 13:36:19 | 000,135,410 | ---- | M] () -- C:\windows\SysNative\perfc015.dat
[2011-10-31 13:36:19 | 000,106,808 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011-10-31 13:33:24 | 005,589,370 | ---- | M] () -- C:\windows\phoenix.rar
[2011-10-31 13:33:24 | 001,075,284 | ---- | M] () -- C:\windows\rpcminer.rar
[2011-10-31 13:33:24 | 000,246,272 | ---- | M] () -- C:\windows\unrar.exe
[2011-10-31 13:33:24 | 000,182,617 | ---- | M] () -- C:\windows\ufa.rar
[2011-10-31 13:29:04 | 000,202,936 | -H-- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2011-10-31 13:29:04 | 000,000,734 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hîsts
[2011-10-31 13:28:39 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2011-10-31 13:28:37 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
[2011-10-31 13:28:28 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011-10-31 13:28:22 | 3062,755,328 | -HS- | M] () -- C:\hiberfil.sys
[2011-10-31 13:11:11 | 000,001,058 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3564059422-3480122519-2650005235-1000UA.job
[2011-10-30 11:31:26 | 000,000,224 | ---- | M] () -- C:\windows\info1
[2011-10-29 18:11:00 | 000,001,006 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3564059422-3480122519-2650005235-1000Core.job
[2011-10-29 07:11:52 | 000,002,365 | ---- | M] () -- C:\Users\Tomek\Desktop\Google Chrome.lnk
[2011-10-27 15:19:58 | 000,232,960 | ---- | M] () -- C:\windows\l1rezerv.exe
[2011-10-27 15:15:24 | 000,380,416 | ---- | M] () -- C:\windows\systemup.exe
[2011-10-27 15:07:54 | 000,904,792 | ---- | M] () -- C:\windows\geoiplist.rar
[2011-10-27 15:05:46 | 000,000,000 | ---- | M] () -- C:\windows\loader2.exe_ok
[2011-10-27 15:05:15 | 000,258,048 | ---- | M] () -- C:\windows\sysdriver32_.exe
[2011-10-27 15:05:15 | 000,258,048 | ---- | M] () -- C:\windows\sysdriver32.exe
[2011-10-27 14:52:28 | 001,198,080 | ---- | M] (Cronosoft) -- C:\windows\services32.exe
[2011-10-13 18:30:19 | 000,414,696 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011-10-28 11:33:33 | 000,182,617 | ---- | C] () -- C:\windows\ufa.rar
[2011-10-27 17:58:45 | 005,589,370 | ---- | C] () -- C:\windows\phoenix.rar
[2011-10-27 17:58:45 | 001,075,284 | ---- | C] () -- C:\windows\rpcminer.rar
[2011-10-27 15:20:02 | 000,232,960 | ---- | C] () -- C:\windows\l1rezerv.exe
[2011-10-27 15:15:32 | 000,380,416 | ---- | C] () -- C:\windows\systemup.exe
[2011-10-27 15:13:16 | 000,000,224 | ---- | C] () -- C:\windows\info1
[2011-10-27 15:07:55 | 004,636,907 | ---- | C] () -- C:\windows\geoiplist
[2011-10-27 15:07:54 | 000,904,792 | ---- | C] () -- C:\windows\geoiplist.rar
[2011-10-27 15:07:54 | 000,246,272 | ---- | C] () -- C:\windows\unrar.exe
[2011-10-27 15:05:40 | 000,000,000 | ---- | C] () -- C:\windows\loader2.exe_ok
[2011-10-27 15:05:37 | 000,258,048 | ---- | C] () -- C:\windows\sysdriver32_.exe
[2011-10-27 15:05:22 | 000,258,048 | ---- | C] () -- C:\windows\sysdriver32.exe
[2011-10-27 15:04:45 | 000,065,536 | ---- | C] () -- C:\windows\SysNative\Ikeext.etl
[2011-07-06 12:15:23 | 001,575,678 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011-06-18 22:12:20 | 000,644,608 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2011-06-18 22:12:20 | 000,258,048 | ---- | C] () -- C:\windows\SysWow64\libFLAC.dll
[2011-06-06 07:14:55 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\srvany.exe
[2011-04-10 15:47:45 | 000,870,560 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2011-04-10 15:47:45 | 000,208,896 | ---- | C] () -- C:\windows\SysWow64\iglhsip32.dll
[2011-04-10 15:47:45 | 000,143,360 | ---- | C] () -- C:\windows\SysWow64\iglhcp32.dll
[2011-04-10 15:47:44 | 000,127,868 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
[2011-04-10 15:47:01 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2011-04-10 15:46:58 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2011-04-10 15:46:58 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2011-04-10 15:46:58 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2011-04-10 15:46:58 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2011-04-10 15:46:58 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2011-04-10 15:46:58 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2010-12-10 01:33:11 | 000,000,324 | ---- | C] () -- C:\windows\Prelaunch.ini
[2010-08-25 18:34:30 | 000,104,796 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009-07-13 22:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009-07-13 22:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009-07-13 22:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2004-07-29 00:19:46 | 000,175,104 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[color=#E56717]========== LOP Check ==========[/color]
[2011-05-07 20:03:38 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\blueconnect
[2011-07-18 12:13:23 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\SoftGrid Client
[2011-07-06 12:16:15 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\TP
[2011-10-20 18:22:39 | 000,032,604 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
