Jump to content


Photo
- - - - -

"Abnow" browser hijack


  • This topic is locked This topic is locked
8 replies to this topic

#1 thekingofkings

thekingofkings

    New Member

  • Members
  • Pip
  • 4 posts

Posted 25 February 2012 - 03:34 PM

Hello all,

I would be most grateful for any help with this - I like to think of myself as being somewhat IT savvy, but I simply can't fix this.

The symptoms are pretty simple - when I use Google, my searches get redirected to a website called "abnow".

By request, the two logs -

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by Marta at 21:23:56 on 2012-02-25
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.894.85 [GMT 1:00]
.
AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\iPlus\Drivers\driver2k\GTMax\GtDetectSc.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPlus\Drivers\driver2k\GTMax\GtFlashSwitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk.Services.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 5\firefox.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 5\plugin-container.exe
\\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.pl/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Pomocnik rejestracji usługi Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [Matrox PowerDesk SE] "c:\program files\matrox graphics inc\powerdesk se\Matrox.PowerDesk SE.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [WireLessMouse] c:\program files\multimedia mouse driver\StartAutorun.exe MouseDrv.exe
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [PSUNMain] "c:\program files\panda security\panda cloud antivirus\PSUNMain.exe" /Traybar
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/w...&"ver=10.0.1204
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [IETI] c:\program files\skype\phone\ieplugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART
dRunOnce: [KeyScrambler] c:\program files\keyscrambler\getting_started.html
StartupFolder: c:\docume~1\marta\menust~1\programy\autost~1\sonar5.lnk - c:\inde\inde\sonar5.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\przysp~1.lnk - c:\program files\common files\autodesk shared\acstart17.exe
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177676766671
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 62.21.99.95
TCP: Interfaces\{A951C36E-8703-4532-B6BF-BC80B89B04A8} : DhcpNameServer = 62.21.99.95
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\marta\dane aplikacji\mozilla\firefox\profiles\58gyi9j5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - component: c:\documents and settings\marta\dane aplikacji\mozilla\firefox\profiles\58gyi9j5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\marta\dane aplikacji\mozilla\firefox\profiles\58gyi9j5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - plugin: c:\documents and settings\marta\dane aplikacji\mozilla\plugins\npoctoshape.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 5\plugins\npdeployJava1.dll
FF - plugin: c:\program files\octoshape streaming services\marta\octoprogram-l03-nms0806091_sua_000\npoctoshape.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [2011-4-28 129992]
R1 vcdrom;Virtual CD-ROM Device Driver;c:\windows\system32\drivers\VCdRom.sys [2001-12-19 8576]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-3-27 165160]
R2 GtDetectSc;GtDetectSc Service;c:\program files\iplus\drivers\driver2k\gtmax\GtDetectSc.exe [2008-7-6 204800]
R2 GtFlashSwitch;GtFlashSwitch Service;c:\program files\iplus\drivers\driver2k\gtmax\GtFlashSwitch.exe [2008-7-6 204800]
R2 MtxIic;MtxIic;c:\windows\system32\drivers\MtxIicKrnlNT.sys [2005-10-3 20992]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2011-8-1 143752]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2011-4-28 97096]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2011-4-28 111688]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2011-4-28 112456]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2011-11-5 14976]
R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\drivers\BazisVirtualCDBus.sys [2011-6-4 117584]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-2-25 20464]
S?4 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S1 MpKslc8af47f8;MpKslc8af47f8;\??\c:\documents and settings\all users\dane aplikacji\microsoft\microsoft antimalware\definition updates\{13c32289-d696-4d71-bf7a-f2f1d85e9002}\mpkslc8af47f8.sys --> c:\documents and settings\all users\dane aplikacji\microsoft\microsoft antimalware\definition updates\{13c32289-d696-4d71-bf7a-f2f1d85e9002}\MpKslc8af47f8.sys [?]
S1 MpKsld191a582;MpKsld191a582;\??\c:\documents and settings\all users\dane aplikacji\microsoft\microsoft antimalware\definition updates\{e32e1520-a445-4834-b856-d4c8f2caf79b}\mpksld191a582.sys --> c:\documents and settings\all users\dane aplikacji\microsoft\microsoft antimalware\definition updates\{e32e1520-a445-4834-b856-d4c8f2caf79b}\MpKsld191a582.sys [?]
S1 MpKsle44d6688;MpKsle44d6688;\??\c:\documents and settings\all users\dane aplikacji\microsoft\microsoft antimalware\definition updates\{07c0e860-3475-438e-934e-93d90790d621}\mpksle44d6688.sys --> c:\documents and settings\all users\dane aplikacji\microsoft\microsoft antimalware\definition updates\{07c0e860-3475-438e-934e-93d90790d621}\MpKsle44d6688.sys [?]
S2 gupdate;Usługa Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-5 135664]
S3 gupdatem;Usługa Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-5 135664]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2012-02-25 20:23:02 54016 ----a-w- c:\windows\system32\drivers\some.sys
2012-02-25 19:31:49 54016 ----a-w- c:\windows\system32\drivers\fymmf.sys
2012-02-25 19:30:00 54016 ----a-w- c:\windows\system32\drivers\hysx.sys
2012-02-25 19:02:34 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2012-02-25 19:02:34 62976 ----a-w- c:\windows\system32\dllcache\cdrom.sys
2012-02-25 17:53:02 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-25 17:53:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-25 13:09:04 0 --sha-w- c:\windows\system32\dds_log_trash.cmd
2012-02-25 12:54:11 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-02-25 12:54:11 -------- d-----w- c:\windows\system32\wbem\Repository
2012-02-25 11:58:38 -------- d-sh--w- c:\documents and settings\marta\ustawienia lokalne\dane aplikacji\fe3cf4a7
2012-02-15 14:35:58 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-15 14:35:58 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
.
==================== Find3M ====================
.
2012-02-25 17:49:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-25 17:49:28 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-12 17:20:33 1860224 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:41:45 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:41:44 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:41:44 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23:17 385024 ----a-w- c:\windows\system32\html.iec
2007-04-11 09:37:48 97432 ----a-w- c:\program files\Ac3DSOUTRes.dll
.
============= FINISH: 21:27:22,57 ==============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2007-04-27 14:22:48
System Uptime: 2012-02-25 20:34:03 (1 hours ago)
.
Motherboard: Dell Inc. | | 0PM607
Processor: AMD Turion™ 64 X2 Mobile Technology TL-56 | Socket M2/S1G1 | 1579/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 2,433 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia Windows Portable Device Driver
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 6280
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 5610d-1
Device ID: ROOT\WPD\0001
Manufacturer: Nokia
Name: Nokia 5610d-1
PNP Device ID: ROOT\WPD\0001
Service: WUDFRd
.
==== System Restore Points ===================
.
RP1018: 2011-12-15 13:31:07 - Punkt kontrolny systemu
RP1019: 2011-12-16 14:31:07 - Punkt kontrolny systemu
RP1020: 2011-12-17 18:57:51 - Punkt kontrolny systemu
RP1021: 2011-12-18 19:31:23 - Punkt kontrolny systemu
RP1022: 2011-12-22 02:29:35 - Punkt kontrolny systemu
RP1023: 2011-12-23 03:19:25 - Punkt kontrolny systemu
RP1024: 2011-12-24 13:50:30 - Punkt kontrolny systemu
RP1025: 2011-12-25 14:08:24 - Punkt kontrolny systemu
RP1026: 2011-12-26 14:31:14 - Punkt kontrolny systemu
RP1027: 2011-12-27 15:29:04 - Punkt kontrolny systemu
RP1028: 2011-12-29 13:51:10 - Punkt kontrolny systemu
RP1029: 2011-12-30 14:30:59 - Punkt kontrolny systemu
RP1030: 2011-12-31 17:05:35 - Punkt kontrolny systemu
RP1031: 2012-01-01 18:37:39 - Punkt kontrolny systemu
RP1032: 2012-01-02 21:25:42 - Punkt kontrolny systemu
RP1033: 2012-01-04 12:58:32 - Punkt kontrolny systemu
RP1034: 2012-01-06 11:43:46 - Punkt kontrolny systemu
RP1035: 2012-01-06 13:00:49 - Software Distribution Service 3.0
RP1036: 2012-01-07 16:21:14 - Punkt kontrolny systemu
RP1037: 2012-01-09 01:17:19 - Punkt kontrolny systemu
RP1038: 2012-01-10 02:39:08 - Punkt kontrolny systemu
RP1039: 2012-01-12 15:22:59 - Punkt kontrolny systemu
RP1040: 2012-01-14 11:14:52 - Software Distribution Service 3.0
RP1041: 2012-01-15 14:16:06 - Punkt kontrolny systemu
RP1042: 2012-01-20 12:14:42 - Punkt kontrolny systemu
RP1043: 2012-01-23 05:18:59 - Punkt kontrolny systemu
RP1044: 2012-01-26 10:42:03 - Software Distribution Service 3.0
RP1045: 2012-01-27 18:16:56 - Punkt kontrolny systemu
RP1046: 2012-01-28 18:44:48 - Punkt kontrolny systemu
RP1047: 2012-01-30 01:44:16 - Punkt kontrolny systemu
RP1048: 2012-02-05 14:26:57 - Punkt kontrolny systemu
RP1049: 2012-02-06 14:42:33 - Punkt kontrolny systemu
RP1050: 2012-02-08 19:25:24 - Punkt kontrolny systemu
RP1051: 2012-02-10 22:22:27 - Punkt kontrolny systemu
RP1052: 2012-02-11 22:57:56 - Punkt kontrolny systemu
RP1053: 2012-02-12 23:18:18 - Punkt kontrolny systemu
RP1054: 2012-02-15 16:34:18 - Punkt kontrolny systemu
RP1055: 2012-02-16 22:20:47 - Software Distribution Service 3.0
RP1056: 2012-02-18 11:29:05 - Punkt kontrolny systemu
RP1057: 2012-02-18 13:00:48 - Software Distribution Service 3.0
RP1058: 2012-02-19 14:39:47 - Punkt kontrolny systemu
RP1059: 2012-02-24 18:55:29 - Punkt kontrolny systemu
RP1060: 2012-02-25 13:24:25 - Removed Java™ 6 Update 15
RP1061: 2012-02-25 13:26:56 - Installed Java™ 6 Update 31
RP1062: 2012-02-25 13:50:17 - Operacja przywracania
RP1063: 2012-02-25 18:48:01 - Removed Java™ 6 Update 15
RP1064: 2012-02-25 18:48:45 - Installed Java™ 6 Update 31
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
50 tree symbols for AutoCAD
7-Zip 4.65
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Recommended Settings
Adobe Color JA Extra Settings
Adobe Color NA Extra Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 8.1.1
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Adobe® Photoshop® Album Starter Edition 3.0
Aktualizacja dla systemu Windows Internet Explorer 8 (KB971180)
Aktualizacja dla systemu Windows Internet Explorer 8 (KB976662)
Aktualizacja dla systemu Windows Internet Explorer 8 (KB976749)
Aktualizacja dla systemu Windows Internet Explorer 8 (KB980182)
Aktualizacja dla systemu Windows XP (KB2141007)
Aktualizacja dla systemu Windows XP (KB2345886)
Aktualizacja dla systemu Windows XP (KB2467659)
Aktualizacja dla systemu Windows XP (KB2541763)
Aktualizacja dla systemu Windows XP (KB2607712)
Aktualizacja dla systemu Windows XP (KB2616676)
Aktualizacja dla systemu Windows XP (KB2641690)
Aktualizacja dla systemu Windows XP (KB951978)
Aktualizacja dla systemu Windows XP (KB955759)
Aktualizacja dla systemu Windows XP (KB955839)
Aktualizacja dla systemu Windows XP (KB961503)
Aktualizacja dla systemu Windows XP (KB967715)
Aktualizacja dla systemu Windows XP (KB968389)
Aktualizacja dla systemu Windows XP (KB971029)
Aktualizacja dla systemu Windows XP (KB971737)
Aktualizacja dla systemu Windows XP (KB973687)
Aktualizacja dla systemu Windows XP (KB973815)
Aktualizacja krytyczna dla programu Windows Media Player 11 (KB959772)
Aktualizacja zabezpieczeń dla Microsoft Windows (KB2564958)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB2378111)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB911564)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB975558)
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)
Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB936782)
Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154)
Aktualizacja zabezpieczeń dla programu Windows Media Player 6.4 (KB925398)
Aktualizacja zabezpieczeń dla programu Windows Media Player 9 (KB917734)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB928090)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB929969)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB937143)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB938127)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB939653)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB942615)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB944533)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB950759)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB956390)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB958215)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB960714)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB961260)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB963027)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB969897)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2183461)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2360131)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2416400)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2482017)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2497640)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2510531)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2530548)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2544521)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2586448)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2618444)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2647516)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB969897)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB972260)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB974455)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB976325)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB978207)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB981332)
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB982381)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2079403)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2115168)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2121546)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2160329)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2259922)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2279986)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2286198)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296011)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296199)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2347290)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2360937)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2387149)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2393802)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2412687)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2419632)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2423089)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2436673)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2440591)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2443105)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476490)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476687)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478960)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478971)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479628)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479943)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2481109)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2483185)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485376)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485663)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2491683)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503658)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503665)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506212)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506223)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507618)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507938)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508272)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508429)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2509553)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2511455)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2524375)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2535512)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893-v2)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2555917)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2562937)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2567053)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570947)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2584146)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2585542)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2592799)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2598479)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2603381)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2618451)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2619339)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2620712)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2624667)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2631813)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2633171)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2639417)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2646524)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2660465)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2661637)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950760)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951698)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954211)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956391)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956841)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB957095)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958690)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960715)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961373)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969898)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971468)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971486)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973346)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973525)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975561)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977165)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978251)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978262)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978542)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979559)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979683)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979687)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980218)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980232)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980436)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981322)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981852)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981957)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981997)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982132)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982214)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982665)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982802)
Aktualizacja zabezpieczeń dla Windows XP (KB923689)
Aktualizacja zabezpieczeń dla Windows XP (KB941569)
AMD Processor Driver
Archiwizator WinRAR
Asystent rejestracji usługi Windows Live
ATI Catalyst Control Center
ATI Display Driver
µTorrent
AutoCAD 2007 - Polski
Autodesk DWF Viewer
BeebEm V3.85
Broadcom Management Programs
Category B Tests 2010
CompuApps SwissKnife V3
Conexant HDA D110 MDC V.92 Modem
D-Fend Reloaded 0.6.1 (deinstall)
DeepBurner v1.9.0.228
Dell Wireless WLAN Card
Digital Line Detect
ffdshow [rev 1703] [2007-12-15]
Free Unix Spectrum Emulator (Fuse) 0.10.0.2
Gadu-Gadu 7.7
Google SketchUp 6
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
HP Managed Printing Admin
Imagination Image Map Editor
iPlus Manager 1.91
ISO Recorder
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java™ 6 Update 3
Java™ 6 Update 31
Java™ 6 Update 5
Last.fm 1.5.1.30182
Malwarebytes Anti-Malware version 1.60.1.1000
Mapedit
Matrox DualHead2Go
Matrox PowerDesk-SE
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Polish Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Language Pack - PLK
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 — pakiet języka polskiego
Microsoft .NET Framework 3.0 Polish Language Pack
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (Polish) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Language Pack 2007 - English
Microsoft Office O MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (Polish) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (Polish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Polish) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (Polish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (Polish) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (Polish) 2007
Microsoft Office X MUI (English) 2007
Microsoft Reader
Microsoft Security Client
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Software Update for Web Folders (Polish) 12
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Modem Helper
Mozilla Firefox 10.0.2 (x86 en-GB)
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
Multimedia Mouse Driver
Narzędzie do przekazywania usługi Windows Live
NetWaiting
New Star Soccer 3
Nokia Connectivity Cable Driver
Nokia PC Suite
Octoshape Streaming Services
OpenAL
OpenOffice.ux.pl 2.2.0
OpenTTD 1.1.2
Pakiet języka polskiego dla systemu Microsoft .NET Framework 3.0
Pakiet podstawowego dostawcy usług kryptograficznych kart inteligentnych Microsoft
Pakiet sterowników systemu Windows - Nokia Modem (10/27/2008 3.9)
Pakiet sterowników systemu Windows - Nokia Modem (10/27/2008 7.01.0.1)
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Panda Cloud Antivirus
PartyPoker
PC Connectivity Solution
PDF Settings
Picasa 2
Piranesi 5 Demonstration
Piranesi Demonstration
Podstawowe programy Windows Live
Poprawka dla programu Windows Media Player 11 (KB939683)
Poprawka dla systemu Windows Internet Explorer 7 (KB947864)
Poprawka dla systemu Windows XP (KB2158563)
Poprawka dla systemu Windows XP (KB2443685)
Poprawka dla systemu Windows XP (KB2570791)
Poprawka dla systemu Windows XP (KB2633952)
Poprawka dla systemu Windows XP (KB952287)
Poprawka dla systemu Windows XP (KB961118)
Poprawka dla systemu Windows XP (KB970653-v3)
Poprawka dla systemu Windows XP (KB976098-v2)
Poprawka dla systemu Windows XP (KB979306)
Poprawka dla systemu Windows XP (KB981793)
PowerDVD 5.7
QuickSet
SDFormatter
Seagate Manager Installer
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Segoe UI
Skype Toolbars
Skype™ 5.3
Sonar
Sonic Update Manager
swMSM
Synaptics Pointing Device Driver
Universal Document Converter
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
uTorrentBar Toolbar
VLC media player 0.9.8a
WebFldrs XP
Winamp
WinCDEmu
Windows Communication Foundation Language Pack - PLK
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Presentation Foundation
Windows Presentation Foundation Language Pack (PLK)
Windows Workflow Foundation PL Language Pack
Windows XP Service Pack 3
WinWar II
Wirtualny Ogród PRO
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Zip Motion Block Video codec (Remove Only)
.
==== Event Viewer Messages From Past Week ========
.
2012-02-25 20:02:36, informacje: Windows File Protection [64002] - Podjęto próbę zamiany chronionego pliku systemowego cdrom.sys. Dla zachowania stabilności systemu została przywrócona wersja oryginalna pliku. Wersja złego pliku: 5.1.2600.5512.
.
==== End Of File ===========================


Kind regards in advance - all the way from Poland :)

- Marta

#2 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 21,410 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 25 February 2012 - 04:06 PM

Hello Marta and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:
  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please uninstall the following applications:

  • µTorrent
  • uTorrentBar Toolbar

We have some rules against them:
http://forums.malwar...showtopic=97700


Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 3

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.


In your next post, please include:

  • TDSSKiller log
  • ComboFix log

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#3 thekingofkings

thekingofkings

    New Member

  • Members
  • Pip
  • 4 posts

Posted 25 February 2012 - 04:28 PM

First of all - thank you for your swift response, I appreciate it!

Step 1 - deleted as requested.

Step 2 -

22:13:09.0687 3256 TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:49
22:13:09.0859 3256 ============================================================
22:13:09.0859 3256 Current date / time: 2012/02/25 22:13:09.0859
22:13:09.0859 3256 SystemInfo:
22:13:09.0859 3256
22:13:09.0859 3256 OS Version: 5.1.2600 ServicePack: 3.0
22:13:09.0859 3256 Product type: Workstation
22:13:09.0859 3256 ComputerName: MRATAJSZCZAK
22:13:09.0859 3256 UserName: Marta
22:13:09.0859 3256 Windows directory: C:\WINDOWS
22:13:09.0859 3256 System windows directory: C:\WINDOWS
22:13:09.0859 3256 Processor architecture: Intel x86
22:13:09.0859 3256 Number of processors: 2
22:13:09.0859 3256 Page size: 0x1000
22:13:09.0859 3256 Boot type: Normal boot
22:13:09.0859 3256 ============================================================
22:13:13.0359 3256 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:13:13.0359 3256 \Device\Harddisk0\DR0:
22:13:13.0359 3256 MBR used
22:13:13.0359 3256 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x46992, BlocksNum 0x94C7B2F
22:13:13.0390 3256 Initialize success
22:13:13.0390 3256 ============================================================
22:13:38.0000 0828 ============================================================
22:13:38.0000 0828 Scan started
22:13:38.0000 0828 Mode: Manual; SigCheck; TDLFS;
22:13:38.0000 0828 ============================================================
22:13:38.0593 0828 Abiosdsk - ok
22:13:38.0640 0828 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:13:39.0890 0828 abp480n5 - ok
22:13:40.0062 0828 ACPI (05118282f5d039595a2b92b4a4afe197) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:13:40.0234 0828 ACPI - ok
22:13:40.0296 0828 ACPIEC (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:13:40.0437 0828 ACPIEC - ok
22:13:40.0484 0828 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:13:40.0656 0828 adpu160m - ok
22:13:40.0718 0828 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:13:40.0875 0828 aec - ok
22:13:40.0953 0828 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:13:41.0015 0828 AFD - ok
22:13:41.0093 0828 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:13:41.0250 0828 agp440 - ok
22:13:41.0265 0828 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:13:41.0406 0828 agpCPQ - ok
22:13:41.0453 0828 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:13:41.0531 0828 Aha154x - ok
22:13:41.0546 0828 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:13:41.0703 0828 aic78u2 - ok
22:13:41.0750 0828 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:13:41.0890 0828 aic78xx - ok
22:13:41.0921 0828 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:13:42.0093 0828 AliIde - ok
22:13:42.0109 0828 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:13:42.0250 0828 alim1541 - ok
22:13:42.0312 0828 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:13:42.0468 0828 amdagp - ok
22:13:42.0531 0828 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
22:13:42.0562 0828 AmdK8 - ok
22:13:42.0578 0828 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
22:13:42.0656 0828 amsint - ok
22:13:42.0703 0828 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
22:13:42.0718 0828 APPDRV ( UnsignedFile.Multi.Generic ) - warning
22:13:42.0718 0828 APPDRV - detected UnsignedFile.Multi.Generic (1)
22:13:42.0750 0828 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
22:13:42.0890 0828 asc - ok
22:13:42.0937 0828 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:13:43.0015 0828 asc3350p - ok
22:13:43.0046 0828 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:13:43.0218 0828 asc3550 - ok
22:13:43.0343 0828 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:13:43.0484 0828 AsyncMac - ok
22:13:43.0515 0828 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:13:43.0656 0828 atapi - ok
22:13:43.0671 0828 Atdisk - ok
22:13:43.0750 0828 ati2mtag (e78b73eb84c257d0d940e041742d2699) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:13:43.0937 0828 ati2mtag - ok
22:13:43.0968 0828 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:13:44.0156 0828 Atmarpc - ok
22:13:44.0187 0828 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:13:44.0359 0828 audstub - ok
22:13:44.0421 0828 BazisVirtualCDBus (a2ecece11639fea1ccb66d853451f7e2) C:\WINDOWS\system32\DRIVERS\BazisVirtualCDBus.sys
22:13:44.0515 0828 BazisVirtualCDBus - ok
22:13:44.0562 0828 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
22:13:44.0671 0828 BCM43XX - ok
22:13:44.0687 0828 bcm4sbxp (6489310d11971f6ba6c7f49be0baf6e0) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
22:13:44.0750 0828 bcm4sbxp - ok
22:13:44.0765 0828 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:13:44.0937 0828 Beep - ok
22:13:44.0953 0828 BLKWGU(Belkin) - ok
22:13:45.0015 0828 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:13:45.0203 0828 cbidf - ok
22:13:45.0203 0828 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:13:45.0375 0828 cbidf2k - ok
22:13:45.0421 0828 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:13:45.0500 0828 cd20xrnt - ok
22:13:45.0515 0828 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:13:45.0687 0828 Cdaudio - ok
22:13:45.0750 0828 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:13:45.0890 0828 Cdfs - ok
22:13:45.0953 0828 Cdrom (e371f6e309db4260544e452fc1f8f906) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:13:45.0968 0828 Cdrom ( UnsignedFile.Multi.Generic ) - warning
22:13:45.0968 0828 Cdrom - detected UnsignedFile.Multi.Generic (1)
22:13:45.0984 0828 Changer - ok
22:13:46.0031 0828 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:13:46.0203 0828 CmBatt - ok
22:13:46.0234 0828 CmdIde (f6f17a1ab440c70b0bf3d5b08aac40da) C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:13:46.0421 0828 CmdIde - ok
22:13:46.0437 0828 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:13:46.0593 0828 Compbatt - ok
22:13:46.0640 0828 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:13:46.0796 0828 Cpqarray - ok
22:13:46.0828 0828 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:13:47.0000 0828 dac2w2k - ok
22:13:47.0031 0828 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:13:47.0203 0828 dac960nt - ok
22:13:47.0234 0828 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:13:47.0406 0828 Disk - ok
22:13:47.0468 0828 dmboot (bc9219abc5696942e6f9ac8a9b28670f) C:\WINDOWS\system32\drivers\dmboot.sys
22:13:47.0687 0828 dmboot - ok
22:13:47.0718 0828 dmio (5fa232e3ba6e1346f9f5a7e519320cb0) C:\WINDOWS\system32\drivers\dmio.sys
22:13:47.0875 0828 dmio - ok
22:13:47.0906 0828 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:13:48.0078 0828 dmload - ok
22:13:48.0140 0828 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:13:48.0281 0828 DMusic - ok
22:13:48.0328 0828 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:13:48.0484 0828 dpti2o - ok
22:13:48.0500 0828 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:13:48.0640 0828 drmkaud - ok
22:13:48.0671 0828 E100B (dc99d59f311f829693528e6ee91810c8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:13:48.0843 0828 E100B - ok
22:13:48.0890 0828 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:13:49.0078 0828 Fastfat - ok
22:13:49.0093 0828 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:13:49.0250 0828 Fdc - ok
22:13:49.0281 0828 Fips (09e2a4d33f81a06a8aab2ba0a0b5d235) C:\WINDOWS\system32\drivers\Fips.sys
22:13:49.0421 0828 Fips - ok
22:13:49.0437 0828 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:13:49.0609 0828 Flpydisk - ok
22:13:49.0671 0828 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:13:49.0812 0828 FltMgr - ok
22:13:49.0875 0828 frjdehy (e6d35f3aa51a65eb35c1f2340154a25e) C:\WINDOWS\system32\drivers\some.sys
22:13:49.0890 0828 frjdehy ( UnsignedFile.Multi.Generic ) - warning
22:13:49.0890 0828 frjdehy - detected UnsignedFile.Multi.Generic (1)
22:13:49.0921 0828 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:13:50.0093 0828 Fs_Rec - ok
22:13:50.0125 0828 Ftdisk (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:13:50.0296 0828 Ftdisk - ok
22:13:50.0359 0828 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:13:50.0500 0828 Gpc - ok
22:13:50.0578 0828 hamachi (14d11f508e649f1499bd32e145ba80cb) C:\WINDOWS\system32\DRIVERS\hamachi.sys
22:13:50.0593 0828 hamachi - ok
22:13:50.0656 0828 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:13:50.0796 0828 HDAudBus - ok
22:13:50.0843 0828 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:13:50.0968 0828 HidUsb - ok
22:13:51.0000 0828 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:13:51.0156 0828 hpn - ok
22:13:51.0250 0828 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
22:13:51.0375 0828 HSF_DPV - ok
22:13:51.0406 0828 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
22:13:51.0437 0828 HSXHWAZL - ok
22:13:51.0500 0828 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:13:51.0578 0828 HTTP - ok
22:13:51.0640 0828 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:13:51.0781 0828 i2omgmt - ok
22:13:51.0828 0828 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:13:52.0000 0828 i2omp - ok
22:13:52.0015 0828 i8042prt (177b372af55c4460d0968b5f1d02aa1c) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:13:52.0156 0828 i8042prt - ok
22:13:52.0187 0828 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:13:52.0312 0828 Imapi - ok
22:13:52.0375 0828 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:13:52.0546 0828 ini910u - ok
22:13:52.0578 0828 IntelIde (0d3140db49f05b2b69467bd5daf1c94b) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:13:52.0703 0828 IntelIde - ok
22:13:52.0765 0828 intelppm (da153edc09de8c4f846c085caa39d1cc) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:13:52.0921 0828 intelppm - ok
22:13:52.0984 0828 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:13:53.0125 0828 Ip6Fw - ok
22:13:53.0156 0828 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:13:53.0328 0828 IpFilterDriver - ok
22:13:53.0390 0828 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:13:53.0531 0828 IpInIp - ok
22:13:53.0562 0828 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:13:53.0687 0828 IpNat - ok
22:13:53.0718 0828 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:13:53.0843 0828 IPSec - ok
22:13:53.0875 0828 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:13:54.0015 0828 IRENUM - ok
22:13:54.0078 0828 isapnp (c8eef2e93835b81bd335de2123121283) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:13:54.0203 0828 isapnp - ok
22:13:54.0234 0828 Kbdclass (2aeca45d4aeaacbdcb77ad11184e4601) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:13:54.0375 0828 Kbdclass - ok
22:13:54.0421 0828 kbdhid (f718dcddac2544bc693f22977d06f78b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:13:54.0546 0828 kbdhid - ok
22:13:54.0578 0828 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:13:54.0703 0828 kmixer - ok
22:13:54.0765 0828 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:13:54.0828 0828 KSecDD - ok
22:13:54.0843 0828 lbrtfdc - ok
22:13:54.0921 0828 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
22:13:54.0937 0828 MBAMProtector - ok
22:13:55.0000 0828 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:13:55.0015 0828 mdmxsdk - ok
22:13:55.0062 0828 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:13:55.0234 0828 mnmdd - ok
22:13:55.0296 0828 Modem (4a068db7dc37d5afedb6512d2931d7b3) C:\WINDOWS\system32\drivers\Modem.sys
22:13:55.0421 0828 Modem - ok
22:13:55.0437 0828 Mouclass (fbed3df6b884f8cf00447b73507f2c48) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:13:55.0578 0828 Mouclass - ok
22:13:55.0593 0828 mouhid (ecec1e6cd558ab80f944f31326e9d3b5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:13:55.0765 0828 mouhid - ok
22:13:55.0843 0828 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:13:55.0968 0828 MountMgr - ok
22:13:56.0031 0828 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
22:13:56.0062 0828 MpFilter - ok
22:13:56.0171 0828 MpKslc8af47f8 - ok
22:13:56.0171 0828 MpKsld191a582 - ok
22:13:56.0171 0828 MpKsle44d6688 - ok
22:13:56.0218 0828 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:13:56.0406 0828 mraid35x - ok
22:13:56.0437 0828 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:13:56.0593 0828 MRxDAV - ok
22:13:56.0656 0828 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:13:56.0781 0828 MRxSmb - ok
22:13:56.0812 0828 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:13:56.0953 0828 Msfs - ok
22:13:57.0031 0828 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:13:57.0187 0828 MSKSSRV - ok
22:13:57.0218 0828 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:13:57.0359 0828 MSPCLOCK - ok
22:13:57.0375 0828 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:13:57.0515 0828 MSPQM - ok
22:13:57.0578 0828 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:13:57.0703 0828 mssmbios - ok
22:13:57.0765 0828 MtxIic (151126e703b4a05672de41fdaf74137e) C:\WINDOWS\system32\drivers\MtxIicKrnlNT.sys
22:13:57.0781 0828 MtxIic ( UnsignedFile.Multi.Generic ) - warning
22:13:57.0781 0828 MtxIic - detected UnsignedFile.Multi.Generic (1)
22:13:57.0843 0828 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:13:57.0921 0828 Mup - ok
22:13:58.0031 0828 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:13:58.0156 0828 NDIS - ok
22:13:58.0218 0828 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:13:58.0281 0828 NdisTapi - ok
22:13:58.0296 0828 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:13:58.0453 0828 Ndisuio - ok
22:13:58.0515 0828 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:13:58.0671 0828 NdisWan - ok
22:13:58.0734 0828 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:13:58.0812 0828 NDProxy - ok
22:13:58.0828 0828 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:13:58.0968 0828 NetBIOS - ok
22:13:58.0984 0828 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:13:59.0140 0828 NetBT - ok
22:13:59.0218 0828 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
22:13:59.0343 0828 nm - ok
22:13:59.0406 0828 nmwcd (9a908a9bb857c2cceb2907eb9dcaeb8b) C:\WINDOWS\system32\drivers\ccdcmb.sys
22:13:59.0500 0828 nmwcd - ok
22:13:59.0562 0828 nmwcdc (68ec3ee2348e475ea62c66e6aafcfc9b) C:\WINDOWS\system32\drivers\ccdcmbo.sys
22:13:59.0609 0828 nmwcdc - ok
22:13:59.0625 0828 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:13:59.0765 0828 Npfs - ok
22:13:59.0812 0828 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:14:00.0015 0828 Ntfs - ok
22:14:00.0046 0828 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:14:00.0234 0828 Null - ok
22:14:00.0343 0828 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:14:00.0593 0828 nv - ok
22:14:00.0656 0828 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:14:00.0812 0828 NwlnkFlt - ok
22:14:00.0843 0828 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:14:01.0015 0828 NwlnkFwd - ok
22:14:01.0078 0828 NWUSBModem (82ffcd88f84aa83c00ed68d2c9dd6510) C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys
22:14:01.0140 0828 NWUSBModem - ok
22:14:01.0203 0828 NWUSBPort (82ffcd88f84aa83c00ed68d2c9dd6510) C:\WINDOWS\system32\DRIVERS\nwusbser.sys
22:14:01.0218 0828 NWUSBPort - ok
22:14:01.0296 0828 Parport (2d4cdaebced17743aa9e25d3016dc229) C:\WINDOWS\system32\DRIVERS\parport.sys
22:14:01.0468 0828 Parport - ok
22:14:01.0484 0828 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:14:01.0656 0828 PartMgr - ok
22:14:01.0687 0828 ParVdm (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys
22:14:01.0859 0828 ParVdm - ok
22:14:01.0921 0828 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
22:14:01.0953 0828 pccsmcfd - ok
22:14:02.0000 0828 PCI (6862c69168d787b85a7d95ccd33c694e) C:\WINDOWS\system32\DRIVERS\pci.sys
22:14:02.0140 0828 PCI - ok
22:14:02.0140 0828 PCIDump - ok
22:14:02.0187 0828 PCIIde (548cf2d6369eae441a4c6baa75bc4f0a) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:14:02.0359 0828 PCIIde - ok
22:14:02.0421 0828 Pcmcia (8db27f1ae9593c94095485305a583862) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:14:02.0578 0828 Pcmcia - ok
22:14:02.0593 0828 PDCOMP - ok
22:14:02.0593 0828 PDFRAME - ok
22:14:02.0609 0828 PDRELI - ok
22:14:02.0625 0828 PDRFRAME - ok
22:14:02.0671 0828 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:14:02.0828 0828 perc2 - ok
22:14:02.0875 0828 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:14:03.0031 0828 perc2hib - ok
22:14:03.0125 0828 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:14:03.0250 0828 PptpMiniport - ok
22:14:03.0265 0828 Processor (7a1367d250502c6416a4d3a19ef155f5) C:\WINDOWS\system32\DRIVERS\processr.sys
22:14:03.0390 0828 Processor - ok
22:14:03.0406 0828 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:14:03.0546 0828 PSched - ok
22:14:03.0625 0828 PSINAflt (9abf1d1da5afaaaa41fcbd940aa2e844) C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
22:14:03.0640 0828 PSINAflt - ok
22:14:03.0703 0828 PSINFile (5bab5fb4cb1963f643a1a8b4d816cf8f) C:\WINDOWS\system32\DRIVERS\PSINFile.sys
22:14:03.0703 0828 PSINFile - ok
22:14:03.0734 0828 PSINKNC (0518f472a69249e18612e29278bd58ec) C:\WINDOWS\system32\DRIVERS\psinknc.sys
22:14:03.0750 0828 PSINKNC - ok
22:14:03.0765 0828 PSINProc (87b2fe6d7b427947541360f48c302054) C:\WINDOWS\system32\DRIVERS\PSINProc.sys
22:14:03.0781 0828 PSINProc - ok
22:14:03.0812 0828 PSINProt (f4804beb5ff6741019b56a02ead4d3b7) C:\WINDOWS\system32\DRIVERS\PSINProt.sys
22:14:03.0812 0828 PSINProt - ok
22:14:03.0828 0828 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:14:04.0000 0828 Ptilink - ok
22:14:04.0078 0828 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:14:04.0078 0828 PxHelp20 - ok
22:14:04.0125 0828 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:14:04.0312 0828 ql1080 - ok
22:14:04.0343 0828 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:14:04.0515 0828 Ql10wnt - ok
22:14:04.0546 0828 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:14:04.0718 0828 ql12160 - ok
22:14:04.0750 0828 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:14:04.0906 0828 ql1240 - ok
22:14:04.0953 0828 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:14:05.0093 0828 ql1280 - ok
22:14:05.0125 0828 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:14:05.0281 0828 RasAcd - ok
22:14:05.0328 0828 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:14:05.0468 0828 Rasl2tp - ok
22:14:05.0484 0828 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:14:05.0609 0828 RasPppoe - ok
22:14:05.0625 0828 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:14:05.0765 0828 Raspti - ok
22:14:05.0843 0828 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:14:05.0984 0828 Rdbss - ok
22:14:06.0015 0828 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:14:06.0140 0828 RDPCDD - ok
22:14:06.0171 0828 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:14:06.0296 0828 rdpdr - ok
22:14:06.0359 0828 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:14:06.0406 0828 RDPWD - ok
22:14:06.0468 0828 redbook (e0c7bbd18040b58651bac700c804861d) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:14:06.0609 0828 redbook - ok
22:14:06.0656 0828 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
22:14:06.0687 0828 rimmptsk - ok
22:14:06.0765 0828 SBKUPNT (729248b54aff21e740054acebfdbcb1c) C:\WINDOWS\system32\Drivers\SBKUPNT.SYS
22:14:06.0796 0828 SBKUPNT ( UnsignedFile.Multi.Generic ) - warning
22:14:06.0796 0828 SBKUPNT - detected UnsignedFile.Multi.Generic (1)
22:14:06.0859 0828 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:14:07.0000 0828 sdbus - ok
22:14:07.0078 0828 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:14:07.0203 0828 Secdrv - ok
22:14:07.0265 0828 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:14:07.0406 0828 serenum - ok
22:14:07.0437 0828 Serial (d07b02f88165e69b9f17162cf592c8a6) C:\WINDOWS\system32\DRIVERS\serial.sys
22:14:07.0562 0828 Serial - ok
22:14:07.0640 0828 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
22:14:07.0765 0828 sffdisk - ok
22:14:07.0796 0828 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
22:14:07.0937 0828 sffp_sd - ok
22:14:08.0000 0828 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
22:14:08.0125 0828 Sfloppy - ok
22:14:08.0140 0828 Simbad - ok
22:14:08.0203 0828 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:14:08.0343 0828 sisagp - ok
22:14:08.0375 0828 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:14:08.0437 0828 Sparrow - ok
22:14:08.0500 0828 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:14:08.0640 0828 splitter - ok
22:14:08.0656 0828 sr (eb032822be406ef220d546ddffcf0002) C:\WINDOWS\system32\DRIVERS\sr.sys
22:14:08.0796 0828 sr - ok
22:14:08.0875 0828 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:14:08.0968 0828 Srv - ok
22:14:09.0093 0828 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
22:14:09.0250 0828 STHDA - ok
22:14:09.0312 0828 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:14:09.0546 0828 swenum - ok
22:14:09.0562 0828 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:14:09.0687 0828 swmidi - ok
22:14:09.0765 0828 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:14:09.0937 0828 symc810 - ok
22:14:09.0968 0828 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:14:10.0125 0828 symc8xx - ok
22:14:10.0156 0828 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:14:10.0296 0828 sym_hi - ok
22:14:10.0328 0828 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:14:10.0484 0828 sym_u3 - ok
22:14:10.0546 0828 SynTP (23fe1f173996b8bad4b9ed74003676d8) C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:14:10.0593 0828 SynTP - ok
22:14:10.0625 0828 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:14:10.0765 0828 sysaudio - ok
22:14:10.0843 0828 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:14:11.0015 0828 Tcpip - ok
22:14:11.0078 0828 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:14:11.0234 0828 TDPIPE - ok
22:14:11.0296 0828 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:14:11.0453 0828 TDTCP - ok
22:14:11.0484 0828 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:14:11.0625 0828 TermDD - ok
22:14:11.0671 0828 TosIde (f37062a534b2e34560950607b1fef2c1) C:\WINDOWS\system32\DRIVERS\toside.sys
22:14:11.0859 0828 TosIde - ok
22:14:11.0921 0828 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:14:12.0062 0828 Udfs - ok
22:14:12.0093 0828 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:14:12.0171 0828 ultra - ok
22:14:12.0234 0828 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:14:12.0406 0828 Update - ok
22:14:12.0453 0828 upperdev (a34560a5d516a2f5240180370866b99d) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
22:14:12.0515 0828 upperdev - ok
22:14:12.0578 0828 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:14:12.0734 0828 usbccgp - ok
22:14:12.0750 0828 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:14:12.0875 0828 usbehci - ok
22:14:12.0921 0828 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:14:13.0062 0828 usbhub - ok
22:14:13.0125 0828 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:14:13.0250 0828 usbohci - ok
22:14:13.0312 0828 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:14:13.0468 0828 usbprint - ok
22:14:13.0515 0828 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:14:13.0656 0828 usbscan - ok
22:14:13.0718 0828 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
22:14:13.0843 0828 usbser - ok
22:14:13.0906 0828 UsbserFilt (6410eebd6e0427466812858ee84c8467) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
22:14:13.0953 0828 UsbserFilt - ok
22:14:13.0984 0828 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:14:14.0125 0828 USBSTOR - ok
22:14:14.0156 0828 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:14:14.0281 0828 usbuhci - ok
22:14:14.0343 0828 vcdrom (bfa4ae30b3ac10e9223830bf103f5a3f) C:\WINDOWS\system32\drivers\VCdRom.sys
22:14:14.0375 0828 vcdrom ( UnsignedFile.Multi.Generic ) - warning
22:14:14.0375 0828 vcdrom - detected UnsignedFile.Multi.Generic (1)
22:14:14.0390 0828 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:14:14.0531 0828 VgaSave - ok
22:14:14.0593 0828 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:14:14.0734 0828 viaagp - ok
22:14:14.0796 0828 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:14:14.0921 0828 ViaIde - ok
22:14:14.0937 0828 VolSnap (56b191ac5fc0df219949c95a6c87afe7) C:\WINDOWS\system32\drivers\VolSnap.sys
22:14:15.0062 0828 VolSnap - ok
22:14:15.0125 0828 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:14:15.0265 0828 Wanarp - ok
22:14:15.0359 0828 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
22:14:15.0390 0828 Wdf01000 - ok
22:14:15.0390 0828 WDICA - ok
22:14:15.0453 0828 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:14:15.0593 0828 wdmaud - ok
22:14:15.0687 0828 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
22:14:15.0796 0828 winachsf - ok
22:14:15.0890 0828 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:14:16.0031 0828 WmiAcpi - ok
22:14:16.0078 0828 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:14:16.0125 0828 WpdUsb - ok
22:14:16.0187 0828 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:14:16.0265 0828 WudfPf - ok
22:14:16.0296 0828 WudfRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:14:16.0312 0828 WudfRd - ok
22:14:16.0343 0828 ZDPSp50 - ok
22:14:16.0375 0828 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:14:16.0671 0828 \Device\Harddisk0\DR0 - ok
22:14:16.0671 0828 Boot (0x1200) (dc815045b509cbe3f3a4365d92c4c3ef) \Device\Harddisk0\DR0\Partition0
22:14:16.0671 0828 \Device\Harddisk0\DR0\Partition0 - ok
22:14:16.0671 0828 ============================================================
22:14:16.0671 0828 Scan finished
22:14:16.0671 0828 ============================================================
22:14:16.0828 2708 Detected object count: 6
22:14:16.0828 2708 Actual detected object count: 6
22:14:23.0531 2708 APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:23.0531 2708 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:23.0531 2708 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:23.0531 2708 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:23.0531 2708 frjdehy ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:23.0531 2708 frjdehy ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:23.0531 2708 MtxIic ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:23.0531 2708 MtxIic ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:23.0546 2708 SBKUPNT ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:23.0546 2708 SBKUPNT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:23.0546 2708 vcdrom ( UnsignedFile.Multi.Generic ) - skipped by user
22:14:23.0546 2708 vcdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:14:26.0968 2200 Deinitialize success


Step 3 - unfortunately, ComboFix doesn't appear to work. It crashes, closing the program and offering to send a report to Microsoft. The blue combofix screen opens briefly, but doesn't display anything and closes quickly. On one occasion, an error about "himem" flashed up briefly.

#4 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 21,410 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 25 February 2012 - 04:33 PM

Let's try another way:

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#5 thekingofkings

thekingofkings

    New Member

  • Members
  • Pip
  • 4 posts

Posted 25 February 2012 - 07:29 PM

Just letting you know - the computer seems very slow now, and it was crashing frequently earlier - behaviour that it wasn't showing before attempting to run Combofix.

The internet has also slowed down quite a bit, too.

The logfile -

Extras.txt

OTL Extras logfile created on: 2012-02-26 01:11:31 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\Marta\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

893,97 Mb Total Physical Memory | 212,03 Mb Available Physical Memory | 23,72% Memory free
2,12 Gb Paging File | 1,51 Gb Available in Paging File | 71,37% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,39 Gb Total Space | 2,53 Gb Free Space | 3,39% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: MRATAJSZCZAK | User Name: Marta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3.6 Beta 5\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Psi-pedrito\Psi.exe" = C:\Program Files\Psi-pedrito\Psi.exe:*:Enabled:Psi
"C:\Program Files\Hamachi\hamachi.exe" = C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Program Files\Psi\psi.exe" = C:\Program Files\Psi\psi.exe:*:Enabled:psi
"C:\psi-cherry\psi.exe" = C:\psi-cherry\psi.exe:*:Enabled:psi
"C:\Program Files\Last.fm\LastFM.exe" = C:\Program Files\Last.fm\LastFM.exe:*:Enabled:Last.fm -- (Last.fm)
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client
"C:\Program Files\Kontiki\KService.exe" = C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service -- (Kontiki Inc.)
"C:\Program Files\Octoshape Streaming Services\Marta\OctoshapeClient.exe" = C:\Program Files\Octoshape Streaming Services\Marta\OctoshapeClient.exe:*:Enabled:OctoshapeClient -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
"C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe" = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:*:Enabled:CLI Application (Command Line Interface) -- (ATI Technologies Inc.)
"C:\WINDOWS\system32\drivers\svchost.exe" = C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:WinRAR archiver
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Mozilla Firefox 3.6 Beta 5\firefox.exe" = C:\Program Files\Mozilla Firefox 3.6 Beta 5\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\OpenTTD\openttd.exe" = C:\Program Files\OpenTTD\openttd.exe:*:Enabled:OpenTTD -- (OpenTTD Development Team)
"C:\Program Files\PartyGaming\PartyGaming.exe" = C:\Program Files\PartyGaming\PartyGaming.exe:*:Enabled:PartyGaming -- ()
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\Broadcom\BACS\BACS.exe" = C:\Program Files\Broadcom\BACS\BACS.exe:*:Enabled:Broadcom Advanced Control Suite 2 -- (Broadcom)
"C:\WINDOWS\system32\Macromed\Flash\FlashUtil10o_Plugin.exe" = C:\WINDOWS\system32\Macromed\Flash\FlashUtil10o_Plugin.exe:*:Enabled:Adobe® Flash® Player Installer/Uninstaller 10.2 r153 -- (Adobe Systems, Inc.)
"C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" = C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe:*:Enabled:Panda Cloud Antivirus -- (Panda Security, S.L.)
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" = C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe:*:Enabled:Nokia Launch Application -- (Nokia)
"C:\Program Files\Common Files\Java\Java Update\jucheck.exe" = C:\Program Files\Common Files\Java\Java Update\jucheck.exe:*:Enabled:Java™ Update Checker -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Marta\Moje dokumenty\Downloads\SUPERAntiSpyware.exe" = C:\Documents and Settings\Marta\Moje dokumenty\Downloads\SUPERAntiSpyware.exe:*:Enabled:SUPERAntiSpyware Free Edition Setup -- (SUPERAntiSpyware.com)
"C:\Program Files\SUPERAntiSpyware\SSUpdate.exe" = C:\Program Files\SUPERAntiSpyware\SSUpdate.exe:*:Enabled:SUPERAntiSpyware Update Application
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe:*:Enabled:SUPERAntiSpyware Application
"C:\Documents and Settings\Marta\Moje dokumenty\Downloads\tdsskiller.exe" = C:\Documents and Settings\Marta\Moje dokumenty\Downloads\tdsskiller.exe:*:Enabled:TDSS rootkit removing tool -- (Kaspersky Lab ZAO)
"C:\Documents and Settings\Marta\Ustawienia lokalne\Temp\jre-6u31-windows-i586-iftw-rv.exe" = C:\Documents and Settings\Marta\Ustawienia lokalne\Temp\jre-6u31-windows-i586-iftw-rv.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes Anti-Malware -- (Malwarebytes Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"C:\ComboFix\ComboFix-Download.3XE" = C:\ComboFix\ComboFix-Download.3XE:*:Enabled:ComboFix-Download


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0FD9A6A9-6784-4937-A685-05DB3C6A1EBA}" = Matrox DualHead2Go
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2
"{1D2EBDC8-0A91-4DF7-9730-AC8282A13CDF}" = Matrox PowerDesk-SE
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2D43FD89-B225-4334-B4AA-0983400BE61B}" = Windows Presentation Foundation Language Pack (PLK)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{30F76E45-E64F-3891-272D-7C6BE119D200}" = Wirtualny Ogród PRO
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AE08592-EAB2-4E47-A8CF-B7A51F803957}" = OpenOffice.ux.pl 2.2.0
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{495998C4-FC8A-4302-82E0-53DE4D7A8F56}" = Windows Communication Foundation Language Pack - PLK
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4F04D584-09FC-4CB4-88D1-7D176C0031DB}" = Imagination Image Map Editor
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5783F2D7-5001-0415-0002-0060B0CE6BBA}" = AutoCAD 2007 - Polski
"{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite
"{5A347920-4AFC-11D5-9FB0-800649886934}" = SDFormatter
"{5AF71003-1797-4D93-9F37-4F2125CBF539}" = Microsoft .NET Framework 2.0 Language Pack - PLK
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{70116A0B-D995-4F99-A45F-2E8D07F3C626}" = Piranesi Demonstration
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}" = Asystent rejestracji usługi Windows Live
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3
"{7CA4F780-7AD0-417A-82A1-46EB825CFD53}" = HP Managed Printing Admin
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2007
"{90120000-0017-0409-0000-0000000FF1CE}_OMUI.en-us_{C00A9857-850C-4C68-A583-2EF4F24706F5}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.en-us_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.en-us_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.en-us_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_OMUI.en-us_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0409-0000-0000000FF1CE}" = Microsoft Office O MUI (English) 2007
"{90120000-0100-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0409-0000-0000000FF1CE}" = Microsoft Office X MUI (English) 2007
"{90120000-0101-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_OMUI.en-us_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_OMUI.en-us_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.1
"{AE17CF38-C912-4EFE-9620-AFED5607F018}" = Multimedia Mouse Driver
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB6D4A78-4BDB-4FBD-81CB-00DC2FC2BF41}" = Seagate Manager Installer
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D504303A-717D-414C-BA9F-FE01093E2EF8}" = Adobe Setup
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DB76863D-D4D9-4AB3-AFDC-26717BA1E11C}" = Windows Workflow Foundation PL Language Pack
"{DFC6573E-124D-4026-BFA4-B433C9D3FF21}" = ISO Recorder
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6963450-7577-4049-8793-2B66B85237C1}" = ATI Catalyst Control Center
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}" = Broadcom Management Programs
"{FD593DE6-C3A0-4722-8E86-9DEEF0A93290}" = Microsoft .NET Framework 3.0 Polish Language Pack
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus
"50 tree symbols for AutoCAD" = 50 tree symbols for AutoCAD
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5986551A16FD8E9B1B4C89E7AAD17C1BB3196D28" = Pakiet sterowników systemu Windows - Nokia Modem (10/27/2008 7.01.0.1)
"6D296974BAB6CA8429D5E687B292A6DA3E9FBD4A" = Pakiet sterowników systemu Windows - Nokia Modem (10/27/2008 3.9)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_5bc0f8414ec36c555a3e7e5ec2e225e" = Adobe ExtendScript Toolkit 2
"Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"ATI Display Driver" = ATI Display Driver
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"BeebEm_is1" = BeebEm V3.85
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Category B Tests_is1" = Category B Tests 2010
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.gardenphilia.VD3DD" = Wirtualny Ogród PRO
"CompuApps SwissKnife V3" = CompuApps SwissKnife V3
"D-Fend Reloaded" = D-Fend Reloaded 0.6.1 (deinstall)
"ffdshow_is1" = ffdshow [rev 1703] [2007-12-15]
"Fuse" = Free Unix Spectrum Emulator (Fuse) 0.10.0.2
"Gadu-Gadu" = Gadu-Gadu 7.7
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{70116A0B-D995-4F99-A45F-2E8D07F3C626}" = Piranesi 5 Demonstration
"InstallShield_{AE17CF38-C912-4EFE-9620-AFED5607F018}" = Multimedia Mouse Driver
"InstallShield_{BB6D4A78-4BDB-4FBD-81CB-00DC2FC2BF41}" = Seagate Manager Installer
"iPlus Manager_is1" = iPlus Manager 1.91
"LastFM_is1" = Last.fm 1.5.1.30182
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Mapedit" = Mapedit
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - PLK" = Microsoft .NET Framework 2.0 — pakiet języka polskiego
"Microsoft .NET Framework 3.0 Polish Language Pack" = Pakiet języka polskiego dla systemu Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 10.0.2 (x86 en-GB)" = Mozilla Firefox 10.0.2 (x86 en-GB)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"New Star Soccer 3" = New Star Soccer 3
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"OMUI.en-us" = Microsoft Office Language Pack 2007 - English
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.1.2
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"PartyPoker" = PartyPoker
"Picasa2" = Picasa 2
"Sonar" = Sonar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Universal Document Converter_is1" = Universal Document Converter
"VLC media player" = VLC media player 0.9.8a
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"WinCDEmu" = WinCDEmu
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR
"WinWar II" = WinWar II
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZMBV" = Zip Motion Block Video codec (Remove Only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape Streaming Services" = Octoshape Streaming Services

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2012-01-05 06:07:11 | Computer Name = MRATAJSZCZAK | Source = WmiAdapter | ID = 4099
Description = Otwarcie usługi nie powiodło się.

Error - 2012-01-11 06:43:53 | Computer Name = MRATAJSZCZAK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd winwarii.exe, wersja 0.0.0.0, moduł powodujący
błąd kernel32.dll, wersja 5.1.2600.5781, adres błędu 0x00012afb.

Error - 2012-01-16 12:11:14 | Computer Name = MRATAJSZCZAK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł
powodujący błąd ole32.dll, wersja 5.1.2600.6168, adres błędu 0x0002048c.

Error - 2012-01-17 15:18:40 | Computer Name = MRATAJSZCZAK | Source = ESENT | ID = 490
Description = wuauclt (2728) Próba otwarcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
w trybie odczytu lub zapisu zakończyła się niepomyślnie z błędem systemowym 32
(0x00000020): "Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany
przez inny proces. ". Operacja otwierania pliku zostanie zakończona z błędem -1032
(0xfffffbf8).

Error - 2012-01-17 15:18:40 | Computer Name = MRATAJSZCZAK | Source = ESENT | ID = 455
Description = wuaueng.dll (2728) SUS20ClientDataStore: Wystąpił błąd -1032 (0xfffffbf8)
podczas otwierania pliku dziennika C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error - 2012-01-25 05:22:10 | Computer Name = MRATAJSZCZAK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd onetouchaccess.exe, wersja 7.1.116.0, moduł
powodujący błąd mfc80u.dll, wersja 8.0.50727.6195, adres błędu 0x00023c55.

Error - 2012-01-25 05:28:48 | Computer Name = MRATAJSZCZAK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd onetouchaccess.exe, wersja 7.1.116.0, moduł
powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0004487f.

Error - 2012-02-25 09:09:21 | Computer Name = MRATAJSZCZAK | Source = JavaQuickStarterService | ID = 1
Description =

Error - 2012-02-25 19:50:45 | Computer Name = MRATAJSZCZAK | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2012-02-25 20:01:49 | Computer Name = MRATAJSZCZAK | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd psunmain.exe, wersja 3.0.0.79, moduł powodujący
błąd ieframe.dll, wersja 8.0.6001.19190, adres błędu 0x00125e18.

[ System Events ]
Error - 2012-02-25 19:59:43 | Computer Name = MRATAJSZCZAK | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 2012-02-25 20:00:38 | Computer Name = MRATAJSZCZAK | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 2012-02-25 20:00:38 | Computer Name = MRATAJSZCZAK | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 2012-02-25 20:01:28 | Computer Name = MRATAJSZCZAK | Source = Service Control Manager | ID = 7022
Description = Usługa KService zawiesiła się podczas uruchamiania.

Error - 2012-02-25 20:01:32 | Computer Name = MRATAJSZCZAK | Source = Service Control Manager | ID = 7023
Description = Usługa Rozpoznawanie lokalizacji w sieci (NLA) zakończyła działanie;
wystąpił następujący błąd: %%127

Error - 2012-02-25 20:01:34 | Computer Name = MRATAJSZCZAK | Source = Service Control Manager | ID = 7023
Description = Usługa Rozpoznawanie lokalizacji w sieci (NLA) zakończyła działanie;
wystąpił następujący błąd: %%127

Error - 2012-02-25 20:01:34 | Computer Name = MRATAJSZCZAK | Source = Service Control Manager | ID = 7023
Description = Usługa Rozpoznawanie lokalizacji w sieci (NLA) zakończyła działanie;
wystąpił następujący błąd: %%127

Error - 2012-02-25 20:01:37 | Computer Name = MRATAJSZCZAK | Source = Service Control Manager | ID = 7023
Description = Usługa Rozpoznawanie lokalizacji w sieci (NLA) zakończyła działanie;
wystąpił następujący błąd: %%127

Error - 2012-02-25 20:01:38 | Computer Name = MRATAJSZCZAK | Source = Service Control Manager | ID = 7023
Description = Usługa Rozpoznawanie lokalizacji w sieci (NLA) zakończyła działanie;
wystąpił następujący błąd: %%127

Error - 2012-02-25 20:01:39 | Computer Name = MRATAJSZCZAK | Source = Service Control Manager | ID = 7023
Description = Usługa Rozpoznawanie lokalizacji w sieci (NLA) zakończyła działanie;
wystąpił następujący błąd: %%127


< End of report >


And OTL.txt

OTL logfile created on: 2012-02-26 01:11:31 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\Marta\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

893,97 Mb Total Physical Memory | 212,03 Mb Available Physical Memory | 23,72% Memory free
2,12 Gb Paging File | 1,51 Gb Available in Paging File | 71,37% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,39 Gb Total Space | 2,53 Gb Free Space | 3,39% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: MRATAJSZCZAK | User Name: Marta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-02-26 01:07:54 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marta\Pulpit\OTL.exe
PRC - [2012-02-19 15:11:29 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3.6 Beta 5\firefox.exe
PRC - [2012-02-19 15:11:22 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3.6 Beta 5\plugin-container.exe
PRC - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-04-28 13:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011-04-28 12:59:46 | 000,460,096 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANToManager.exe
PRC - [2011-04-28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2009-03-27 15:54:06 | 000,165,160 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2008-11-11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008-09-19 09:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008-06-03 09:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-07-09 15:01:04 | 000,204,800 | ---- | M] (OptionNV) -- C:\Program Files\iPlus\Drivers\Driver2k\GTMax\GtDetectSc.exe
PRC - [2007-07-09 15:01:04 | 000,204,800 | ---- | M] (Option) -- C:\Program Files\iPlus\Drivers\Driver2k\GTMax\GtFlashSwitch.exe
PRC - [2007-04-23 11:23:14 | 001,032,640 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KHost.exe
PRC - [2007-04-23 11:22:14 | 003,068,352 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe
PRC - [2006-10-19 12:03:06 | 000,233,472 | ---- | M] () -- C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk.Services.exe
PRC - [2006-09-22 11:06:26 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006-08-23 16:13:28 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006-01-02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe


========== Modules (No Company Name) ==========

MOD - [2012-02-19 15:11:27 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox 3.6 Beta 5\mozjs.dll
MOD - [2012-01-06 13:13:22 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_228f0b01\mscorlib.dll
MOD - [2012-01-06 13:13:18 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_cf1d68a5\system.drawing.dll
MOD - [2012-01-06 13:13:02 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_963bf094\system.xml.dll
MOD - [2012-01-06 13:12:50 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_f8bb6aeb\system.windows.forms.dll
MOD - [2012-01-06 13:12:15 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_e687239b\system.dll
MOD - [2012-01-06 13:11:29 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012-01-06 13:11:28 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012-01-06 13:11:17 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011-03-25 17:04:44 | 006,053,536 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008-09-19 09:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
MOD - [2008-06-20 17:04:23 | 000,246,784 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008-06-03 09:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
MOD - [2007-02-14 12:55:11 | 000,165,424 | ---- | M] () -- C:\Program Files\Panda Security\Panda Cloud Antivirus\MiniCrypto.dll
MOD - [2007-02-14 12:55:10 | 000,099,888 | ---- | M] () -- C:\Program Files\Panda Security\Panda Cloud Antivirus\APIcr.dll
MOD - [2006-11-01 04:48:18 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2006-10-19 12:03:06 | 000,233,472 | ---- | M] () -- C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk.Services.exe
MOD - [2004-09-20 10:28:20 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2004-09-20 10:28:18 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2004-09-20 10:28:18 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2004-09-20 10:28:18 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2004-09-20 10:27:32 | 000,237,568 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2004-09-20 10:27:32 | 000,180,224 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_pl_b77a5c561934e089\system.windows.forms.resources.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (zpsc)
SRV - File not found [Auto | Stopped] -- -- (zebrsce)
SRV - File not found [Auto | Stopped] -- -- (wmdmpmsp)
SRV - File not found [Auto | Stopped] -- -- (wencrservice)
SRV - File not found [Auto | Stopped] -- -- (wdelmgr20)
SRV - File not found [Auto | Stopped] -- -- (WaveEnrollmentService)
SRV - File not found [Auto | Stopped] -- -- (useraccess)
SRV - File not found [Auto | Stopped] -- -- (uagp35)
SRV - File not found [Auto | Stopped] -- -- (tunnelguardservice)
SRV - File not found [Auto | Stopped] -- -- (tga)
SRV - File not found [Auto | Stopped] -- -- (tb2launch)
SRV - File not found [Auto | Stopped] -- -- (Si3114r5)
SRV - File not found [Auto | Stopped] -- -- (servicemgr)
SRV - File not found [Auto | Stopped] -- -- (se44nd5)
SRV - File not found [Auto | Stopped] -- -- (SE2Bobex)
SRV - File not found [Auto | Stopped] -- -- (RAPIProtocol)
SRV - File not found [Auto | Stopped] -- -- (QV2KUX)
SRV - File not found [Auto | Stopped] -- -- (pae_1394)
SRV - File not found [Auto | Stopped] -- -- (nwcworkstation)
SRV - File not found [Auto | Stopped] -- -- (nscservice)
SRV - File not found [Auto | Stopped] -- -- (nimdbgk)
SRV - File not found [Auto | Stopped] -- -- (naveng)
SRV - File not found [Auto | Stopped] -- -- (msvad_simple)
SRV - File not found [Disabled | Stopped] -- -- (MsMpSvc)
SRV - File not found [Auto | Stopped] -- -- (mi-raysat_3dsMax2008_32)
SRV - File not found [Auto | Stopped] -- -- (mclogmanagerservice)
SRV - File not found [Auto | Stopped] -- -- (lvusbsta)
SRV - File not found [Auto | Stopped] -- -- (L8042mou)
SRV - File not found [Auto | Stopped] -- -- (JGOGO)
SRV - File not found [Auto | Stopped] -- -- (ispwdsvc)
SRV - File not found [Auto | Stopped] -- -- (IJPLMSVC)
SRV - File not found [Auto | Stopped] -- -- (hpqddsvc)
SRV - File not found [Auto | Stopped] -- -- (fssfltr)
SRV - File not found [Auto | Stopped] -- -- (fsaua)
SRV - File not found [Auto | Stopped] -- -- (dvd_2K)
SRV - File not found [Auto | Stopped] -- -- (diskperf)
SRV - File not found [Auto | Stopped] -- -- (CTAUDFX.DLL)
SRV - File not found [Auto | Stopped] -- -- (cpntsrv)
SRV - File not found [Auto | Stopped] -- -- (bridgemp)
SRV - File not found [Auto | Stopped] -- -- (AVRec)
SRV - File not found [Auto | Stopped] -- -- (AsuhfivrO)
SRV - File not found [Auto | Stopped] -- -- (agnfilt)
SRV - File not found [Auto | Stopped] -- -- (A88xTuner)
SRV - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-04-28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2009-03-27 15:54:06 | 000,165,160 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008-11-11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-04-14 18:21:43 | 000,005,120 | ---- | M] (Iomega) [Auto | Stopped] -- C:\WINDOWS\system32\imonnt.dll -- (hcf_msft)
SRV - [2008-04-14 18:21:43 | 000,005,120 | ---- | M] (Iomega) [Auto | Stopped] -- C:\WINDOWS\system32\s116mdfl.dll -- (freebsd)
SRV - [2008-04-14 18:21:43 | 000,005,120 | ---- | M] (Iomega) [Auto | Stopped] -- C:\WINDOWS\system32\s217obex.dll -- (dmisrv)
SRV - [2008-04-14 18:21:43 | 000,005,120 | ---- | M] (Iomega) [Auto | Running] -- C:\WINDOWS\system32\imonnt.dll -- (bwmservice)
SRV - [2007-12-08 20:37:04 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007-09-20 16:56:23 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007-07-09 15:01:04 | 000,204,800 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program Files\iPlus\Drivers\Driver2k\GTMax\GtDetectSc.exe -- (GtDetectSc)
SRV - [2007-07-09 15:01:04 | 000,204,800 | ---- | M] (Option) [Auto | Running] -- C:\Program Files\iPlus\Drivers\Driver2k\GTMax\GtFlashSwitch.exe -- (GtFlashSwitch)
SRV - [2007-04-23 11:22:14 | 003,068,352 | ---- | M] (Kontiki Inc.) [Auto | Running] -- C:\Program Files\Kontiki\KService.exe -- (KService)
SRV - [2006-10-19 12:03:06 | 000,233,472 | ---- | M] () [Auto | Running] -- C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk.Services.exe -- (Matrox Centering Service)
SRV - [2006-08-23 16:13:28 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006-01-05 00:06:02 | 000,163,840 | ---- | M] (Alex Feinman) [On_Demand | Stopped] -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper)


========== Driver Services (SafeList) ==========

DRV - [2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-08-08 19:13:10 | 000,117,584 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
DRV - [2011-08-01 12:23:20 | 000,143,752 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2011-04-28 12:57:57 | 000,112,456 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2011-04-28 12:57:38 | 000,129,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2011-04-28 12:57:38 | 000,111,688 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2011-04-28 12:57:38 | 000,097,096 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2008-09-15 08:56:34 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008-09-15 08:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008-09-15 08:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008-09-15 08:56:24 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-13 20:40:46 | 000,062,976 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008-04-13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007-10-09 19:35:13 | 000,026,056 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-07-09 15:00:48 | 000,077,952 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2007-07-09 15:00:48 | 000,077,952 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2006-11-03 06:34:00 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006-10-11 12:43:56 | 001,777,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006-09-22 11:06:26 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006-08-17 13:55:16 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006-07-01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005-10-03 14:55:30 | 000,020,992 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\MtxIicKrnlNT.sys -- (MtxIic)
DRV - [2005-08-12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005-07-14 23:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2001-12-19 10:45:00 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\VCdRom.sys -- (vcdrom)
DRV - [2001-07-13 13:56:14 | 000,014,976 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SBKUPNT.SYS -- (SBKUPNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-377963597-3303986255-504760233-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.4.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..extensions.enabledItems: {ff356687-aa08-463d-a46c-11c451824939}:5.5.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Program Files\Octoshape Streaming Services\Marta\octoprogram-L03-NMS0806091_SUA_000\npoctoshape.dll (Octoshape ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-02-19 14:13:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox 3.6 Beta 5\components [2012-02-19 15:11:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.6 Beta 5\plugins [2011-04-10 11:38:16 | 000,000,000 | ---D | M]

[2008-06-17 23:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marta\Dane aplikacji\Mozilla\Extensions
[2012-02-12 20:20:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marta\Dane aplikacji\Mozilla\Firefox\Profiles\58gyi9j5.default\extensions
[2011-06-07 23:54:09 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Marta\Dane aplikacji\Mozilla\Firefox\Profiles\58gyi9j5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-11-02 19:48:13 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Documents and Settings\Marta\Dane aplikacji\Mozilla\Firefox\Profiles\58gyi9j5.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2011-12-24 15:25:31 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Marta\Dane aplikacji\Mozilla\Firefox\Profiles\58gyi9j5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-02-12 20:20:15 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Marta\Dane aplikacji\Mozilla\Firefox\Profiles\58gyi9j5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-12-12 01:10:54 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Marta\Dane aplikacji\Mozilla\Firefox\Profiles\58gyi9j5.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2012-01-06 18:22:03 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Marta\Dane aplikacji\Mozilla\Firefox\Profiles\58gyi9j5.default\extensions\foxmarks@kei.com
[2009-03-13 16:38:57 | 000,000,000 | ---D | M] (Google Notebook) -- C:\Documents and Settings\Marta\Dane aplikacji\Mozilla\Firefox\Profiles\58gyi9j5.default\extensions\notebook@google.com
[2010-04-11 18:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTA\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\58GYI9J5.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTA\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\58GYI9J5.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

O1 HOSTS File: ([2012-02-25 13:00:45 | 000,000,761 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Matrox PowerDesk SE] C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe (Matrox Graphics Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey File not found
O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WireLessMouse] C:\Program Files\Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe File not found
O4 - HKU\S-1-5-21-377963597-3303986255-504760233-1005..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
O4 - HKU\S-1-5-21-377963597-3303986255-504760233-1005..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-377963597-3303986255-504760233-1005..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART File not found
O4 - HKU\.DEFAULT..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html File not found
O4 - HKU\S-1-5-18..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART File not found
O4 - HKU\S-1-5-18..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\Marta\Menu Start\Programy\Autostart\Sonar5.lnk = C:\INDE\INDE\sonar5.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-377963597-3303986255-504760233-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1177676766671 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A951C36E-8703-4532-B6BF-BC80B89B04A8}: DhcpNameServer = 62.21.99.95
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Marta\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marta\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004-09-20 10:19:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a4369f9b-1138-11dc-9297-0019b965b4c2}\Shell\AutoRun\command - "" = F:\USBNB.exe
O33 - MountPoints2\{b6f7ee9c-f020-11dc-9375-0019b965b4c2}\Shell - "" = AutoRun
O33 - MountPoints2\{b6f7ee9c-f020-11dc-9375-0019b965b4c2}\Shell\??(O)\command - "" = system.exe
O33 - MountPoints2\{b6f7ee9c-f020-11dc-9375-0019b965b4c2}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL system.exe
O33 - MountPoints2\{dea5db65-ad0a-11df-a913-0019b965b4c2}\Shell - "" = Autorun
O33 - MountPoints2\{dea5db65-ad0a-11df-a913-0019b965b4c2}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 18:21:39 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\Z\Shell - "" = AutoRun
O33 - MountPoints2\Z\Shell\AutoRun\command - "" = Z:\SETUP.EXE
O33 - MountPoints2\Z\Shell\configure\command - "" = Z:\SETUP.EXE
O33 - MountPoints2\Z\Shell\install\command - "" = Z:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-02-26 01:07:51 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marta\Pulpit\OTL.exe
[2012-02-25 22:20:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012-02-25 22:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marta\Pulpit\RK_Quarantine
[2012-02-25 21:23:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-02-25 18:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-02-25 18:53:02 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-02-25 18:53:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-02-25 13:52:00 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012-02-25 13:20:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2012-02-25 12:58:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Marta\Ustawienia lokalne\Dane aplikacji\fe3cf4a7
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-02-26 01:07:54 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marta\Pulpit\OTL.exe
[2012-02-26 01:01:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-02-26 00:59:25 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-02-26 00:59:15 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\System32\dds_log_trash.cmd
[2012-02-26 00:59:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-02-26 00:59:09 | 937,472,000 | -HS- | M] () -- C:\hiberfil.sys
[2012-02-25 23:29:02 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-02-25 22:27:25 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\muzuki.exc
[2012-02-25 20:31:49 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\fymmf.sys
[2012-02-25 20:30:00 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\hysx.sys
[2012-02-25 13:00:45 | 000,000,761 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-02-16 23:46:41 | 001,550,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-02-16 23:14:49 | 000,519,424 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-02-16 23:14:49 | 000,458,722 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-02-16 23:14:49 | 000,099,056 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-02-16 23:14:49 | 000,079,014 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-02-16 22:39:52 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-01-30 14:23:43 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Marta\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-02-25 22:58:52 | 937,472,000 | -HS- | C] () -- C:\hiberfil.sys
[2012-02-25 22:20:49 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\muzuki.exc
[2012-02-25 20:31:49 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\fymmf.sys
[2012-02-25 20:30:00 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\hysx.sys
[2012-02-25 14:09:04 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\System32\dds_log_trash.cmd
[2012-02-15 15:35:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-02-15 15:35:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2011-11-05 18:12:13 | 000,014,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBKUPNT.SYS
[2011-11-05 18:12:13 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\DEVLOAD.EXE
[2011-11-05 18:12:12 | 000,000,543 | ---- | C] () -- C:\WINDOWS\SWISV3.INI
[2011-11-05 18:12:10 | 000,000,287 | ---- | C] () -- C:\WINDOWS\SKNIFE.INI
[2011-11-05 18:11:46 | 000,002,799 | ---- | C] () -- C:\WINDOWS\SKLANG.INI
[2011-08-18 13:09:52 | 000,000,264 | ---- | C] () -- C:\WINDOWS\System32\PSUNCpl.dat
[2011-05-18 12:30:47 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-06-29 23:43:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

========== LOP Check ==========

[2007-09-20 16:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
[2011-04-10 11:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10
[2008-04-16 00:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Channel4
[2010-12-27 22:16:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2009-02-19 14:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2012-02-26 01:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Kontiki
[2007-10-14 23:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2007-04-28 14:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Matrox Graphics Inc
[2010-12-27 14:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-08-18 13:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security
[2009-02-19 14:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-12-17 23:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Seagate
[2011-12-31 12:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\YouTube Downloader
[2009-05-08 22:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Iwonka\Dane aplikacji\PC Suite
[2011-05-08 23:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\.anki
[2011-10-29 13:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\Atari
[2007-09-20 17:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\Autodesk
[2010-12-27 22:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\AVG10
[2009-04-01 19:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\BoutellDotCom
[2011-08-27 08:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\com.gardenphilia.VD3DD
[2010-02-08 08:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\DeepBurner
[2009-06-03 22:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\flightgear.org
[2009-06-03 22:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\fltk.org
[2007-11-23 01:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\Gadu-Gadu
[2007-10-10 17:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\Gajim
[2010-01-31 14:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\InfraRecorder
[2008-07-06 19:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\iPlus
[2007-04-29 19:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\Leadertech
[2009-02-19 14:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\Nokia
[2012-01-30 14:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\OpenOffice.ux.pl2
[2011-08-18 13:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\Panda Security
[2011-11-28 09:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marta\Dane aplikacji\PC Suite

========== Purity Check ==========



< End of report >


Thank you again for your help!

#6 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 21,410 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 26 February 2012 - 03:15 PM

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#7 thekingofkings

thekingofkings

    New Member

  • Members
  • Pip
  • 4 posts

Posted 26 February 2012 - 07:41 PM

Alas, ComboFix still refuses to run. It finishes the unpacking process, opens a blue text box, then closes. Nothing is displayed in the blue text box.

#8 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 21,410 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 27 February 2012 - 02:29 PM

Please try to run it in Safe Mode with Networking.
http://www.microsoft...e.mspx?mfr=true
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#9 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 03 March 2012 - 09:32 AM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users