Logi.rar

Spowolnienie pracy komputera,nie stabilna praca.

Pisałem na innym forum komputerowym zero odpowiedzi więc myślę że w tym forum są profesjonaliści i pomogą mi z tym problemem. Komputer działał marnie tzn przywieszał się przy aplikacjach np. gg,chrome itp. Nie mogłem zrobić Log'ów z Gmer ponieważ zawiesił mi się komputer,po resecie komputer zaczął chodzić jeszcze wolniej niż wcześniej. Dostałem też 3 nie miłe komunikaty BDOS. Kolejna sprawa robiłem już CHKDSK /R bardzo długo to trwało ponad trzy godziny reset wyłączyłem to bo jestem nie cierpliwy. Używałem też HD Tune bad sektorów zero i Health:OK. Ram też sprawdzałem są dobre,pożyczyłem od kolegi kości i to samo co było wcześniej. Taskmgr cały czas jest 80-100% zużycia procesora komputer dostaje zadyszki.Ten sam problem jest w Systemie awaryjny który z dużym opóźnieniem otwiera aplikacje. Dziękuje z góry. Nie wiem o jakie błędy chodziło dla Moderatora,ortograficzne ??

  • Logi.rar
    • TDSSKiller.2.5.13.0_01.08.2011_22.04.41_log.txt
    • log.txt
    • info.txt
    • Exstras.txt
    • OTL.txt
    • MBRCheck_08.01.11_21.59.36.txt
    • Startup Programs (SPECIAL-XP) 2011-08-01 16.34.48.txt


Pobierz plik - link do postu

Logi.rar > TDSSKiller.2.5.13.0_01.08.2011_22.04.41_log.txt

2011/08/01 22:04:41.0468 1936 TDSS rootkit removing tool 2.5.13.0 Jul 29 2011 17:24:11
2011/08/01 22:04:42.0312 1936 ================================================================================
2011/08/01 22:04:42.0312 1936 SystemInfo:
2011/08/01 22:04:42.0312 1936
2011/08/01 22:04:42.0312 1936 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/01 22:04:42.0312 1936 Product type: Workstation
2011/08/01 22:04:42.0312 1936 ComputerName: SPECIAL-XP
2011/08/01 22:04:42.0312 1936 UserName: Mateusz
2011/08/01 22:04:42.0312 1936 Windows directory: D:\WINDOWS
2011/08/01 22:04:42.0312 1936 System windows directory: D:\WINDOWS
2011/08/01 22:04:42.0312 1936 Processor architecture: Intel x86
2011/08/01 22:04:42.0312 1936 Number of processors: 1
2011/08/01 22:04:42.0312 1936 Page size: 0x1000
2011/08/01 22:04:42.0312 1936 Boot type: Normal boot
2011/08/01 22:04:42.0312 1936 ================================================================================
2011/08/01 22:04:44.0187 1936 Initialize success
2011/08/01 22:04:58.0843 3540 ================================================================================
2011/08/01 22:04:58.0843 3540 Scan started
2011/08/01 22:04:58.0843 3540 Mode: Manual;
2011/08/01 22:04:58.0843 3540 ================================================================================
2011/08/01 22:05:07.0968 3540 MBR (0x1B8) (32052574bf9f325ae309abc7bfd04460) \Device\Harddisk0\DR0
2011/08/01 22:05:08.0218 3540 Boot (0x1200) (d2c39fa3000ee03502cb018f61d731f0) \Device\Harddisk0\DR0\Partition0
2011/08/01 22:05:08.0265 3540 Boot (0x1200) (b2b6116db9bdddf37da0ebdc54d15b85) \Device\Harddisk0\DR0\Partition1
2011/08/01 22:05:08.0281 3540 ================================================================================
2011/08/01 22:05:08.0281 3540 Scan finished
2011/08/01 22:05:08.0281 3540 ================================================================================
2011/08/01 22:05:08.0328 2224 Detected object count: 0
2011/08/01 22:05:08.0328 2224 Actual detected object count: 0
2011/08/01 22:05:40.0531 2740 ================================================================================
2011/08/01 22:05:40.0531 2740 Scan started
2011/08/01 22:05:40.0531 2740 Mode: Manual;
2011/08/01 22:05:40.0531 2740 ================================================================================
2011/08/01 22:05:49.0328 2740 MBR (0x1B8) (32052574bf9f325ae309abc7bfd04460) \Device\Harddisk0\DR0
2011/08/01 22:05:49.0593 2740 Boot (0x1200) (d2c39fa3000ee03502cb018f61d731f0) \Device\Harddisk0\DR0\Partition0
2011/08/01 22:05:49.0625 2740 Boot (0x1200) (b2b6116db9bdddf37da0ebdc54d15b85) \Device\Harddisk0\DR0\Partition1
2011/08/01 22:05:49.0640 2740 ================================================================================
2011/08/01 22:05:49.0640 2740 Scan finished
2011/08/01 22:05:49.0640 2740 ================================================================================
2011/08/01 22:05:49.0687 2296 Detected object count: 0
2011/08/01 22:05:49.0687 2296 Actual detected object count: 0
2011/08/01 22:07:44.0343 2932 Deinitialize success


Logi.rar > log.txt

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mateusz at 2011-08-01 16:30:33
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive D: has 3 GB (7%) free of 45 GB
Total RAM: 1277 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:30:49, on 2011-08-01
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\acs.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
D:\Program Files\ESET\ESET Smart Security\ekrn.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
D:\WINDOWS\system32\svchost.exe
E:\TU2011\TuneUpUtilitiesService32.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\ESET\ESET Smart Security\egui.exe
D:\WINDOWS\SGStiMon.exe
D:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
D:\Program Files\Hot Keyboard\HotKeyb.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\uTorrent\uTorrent.exe
D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
E:\TU2011\TuneUpUtilitiesApp32.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Program Files\Internet Download Manager\IDMan.exe
D:\Documents and Settings\Mateusz\Moje dokumenty\Downloads\Programs\OTL.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Program Files\eC\LRC\LRC.exe
D:\WINDOWS\notepad.exe
D:\WINDOWS\notepad.exe
D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mateusz\Moje dokumenty\Downloads\Programs\RSIT.exe
D:\Program Files\trend micro\Mateusz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw & s={searchTerms} & f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: SHOUTcast Toolbar Search Class - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IE 4.x-6.x BHO for Download Master - {9961627E-4059-41B4-8E0E-A7D6B3854ADF} - D:\PROGRA~1\DOWNLO~1\dmiehlp.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: SHOUTcast Loader - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SHOUTcast Radio Toolbar - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll
O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [egui] " D:\Program Files\ESET\ESET Smart Security\egui.exe " /hide /waitservice
O4 - HKLM\..\Run: [SGCameraMonitor] D:\WINDOWS\SGStiMon.exe
O4 - HKLM\..\Run: [TWCU] " D:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe " -nogui
O4 - HKLM\..\Run: [TNOD UP] " D:\Program Files\TNod User & Password Finder\TNODUP.exe " /i
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] " D:\Program Files\Common Files\Java\Java Update\jusched.exe "
O4 - HKLM\..\Run: [NokiaMServer] D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKCU\..\Run: [Hot Keyboard] D:\Program Files\Hot Keyboard\HotKeyb.exe -minimized
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] " D:\Program Files\uTorrent\uTorrent.exe "
O4 - HKCU\..\Run: [NokiaOviSuite2] D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: PalTalk.lnk = D:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: & SHOUTcast Search - D:\Documents and Settings\All Users\Dane aplikacji\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Assign & hot key - D:\Program Files\Hot Keyboard Pro\IEScript.htm
O8 - Extra context menu item: E & ksportuj do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij & do programu OneNote - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Çŕęŕ÷ŕňü ÂŃĹ ďđč ďîěîůč Download Master - D:\Program Files\Download Master\dmieall.htm
O8 - Extra context menu item: Çŕęŕ÷ŕňü ďđč ďîěîůč Download Master - D:\Program Files\Download Master\dmie.htm
O8 - Extra context menu item: Ďĺđĺäŕňü íŕ óäŕëĺííóţ çŕęŕ÷ęó DM - D:\Program Files\Download Master\remdown.htm
O8 - Extra context menu item: Ściągnij przez IDM - D:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij & do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - D:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: & Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: & Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - D:\Program Files\Download Master\dmaster.exe
O9 - Extra 'Tools' menuitem: & Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - D:\Program Files\Download Master\dmaster.exe
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - " D:\Program Files\Fiddler2\Fiddler.exe " (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - " D:\Program Files\Fiddler2\Fiddler.exe " (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: d:\program files\vmware\vmware player\vsocklib.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1292361887140
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{70C6D6ED-3973-4FF0-8E7B-AD4B3124AFAC}: NameServer = 10.0.10.1 194.204.159.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - D:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: KMService - Unknown owner - D:\WINDOWS\system32\srvany.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - E:\TU2011\TuneUpUtilitiesService32.exe

--
End of file - 13806 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Google Software Updater.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-838170752-2147085195-1003Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-838170752-2147085195-1003UA.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{6CA68775-2F9C-4476-9C9B-B06F1E0BC74C}.job

=========Mozilla firefox=========

ProfilePath - D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default

prefs.js - " browser.search.suggest.enabled " - false
prefs.js - " browser.search.useDBForOrder " - true
prefs.js - " browser.startup.homepage " - " http://pl.start3.mozilla.com/firefox?client=firefox-a & rls=org.mozilla:pl:official "
prefs.js - " extensions.enabledItems " - " jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, support@hideipprivacy.com:1.0, fiddlerhook@fiddler2.com:2.3.2.0, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, support@super-hide-ip.com:1.0, {12e4c684-c03e-4e4d-85bc-0c065e7a9489}:5.23.2.10, {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16 "
prefs.js - " keyword.URL " - " http://search.bearshare.com/web?src=ffb & systemid=2 & q= "

" fiddlerhook@fiddler2.com " =D:\Program Files\Fiddler2\FiddlerHook
" {20a82645-c095-46ed-80e3-08825760534b} " =D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
" jqs@sun.com " =D:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
" Description " =Adobe(R) Flash(R) Player 10.1 Plugin
" Path " =D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
" Description " =Oracle(R) Next Generation Java(TM) Plug-In
" Path " =D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
" Description " =Ag Player Plugin
" Path " =D:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
" Description " =Office Authorization plug-in for NPAPI browsers
" Path " =D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
" Description " =Microsoft SharePoint Plug-in for Firefox
" Path " =D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
" Description " =Windows Presentation Foundation plug-in for Mozilla browsers
" Path " =D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
" Description " =Google Updater
" Path " =D:\Program Files\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
" Description " =Google Update
" Path " =D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
" Description " =Google Update
" Path " =D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npdm.dll
npwachk.dll

D:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
BearShareWebSearch.xml
fbc-pl.xml
fcmdSrch.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\
dmpluginff@westbyte.com
flashbug@coursevector.com
flashfirebug@o-minds.com
support@hideipprivacy.com
support@super-hide-ip.com
twitternotifier@naan.net
{12e4c684-c03e-4e4d-85bc-0c065e7a9489}
{20a82645-c095-46ed-80e3-08825760534b}
{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\searchplugins\
askcom.xml
BearShareWebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - D:\Program Files\Internet Download Manager\IDMIECC.dll [2011-04-15 210352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnik rejestracji usługi Windows Live - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master - D:\PROGRA~1\DOWNLO~1\dmiehlp.dll [2011-04-22 165184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-04-28 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ccec60fc-2608-4e58-9659-3ffc159e8ea9}]
SHOUTcast Loader - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll [2008-09-17 1275176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-14 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-14 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - SHOUTcast Radio Toolbar - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll [2008-09-17 1275176]
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
" SoundMan " =D:\WINDOWS\SOUNDMAN.EXE [2010-11-19 585728]
" egui " =D:\Program Files\ESET\ESET Smart Security\egui.exe [2010-06-24 2202704]
" SGCameraMonitor " =D:\WINDOWS\SGStiMon.exe [2009-06-02 332284]
" TWCU " =D:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe [2010-05-21 561263]
" TNOD UP " =D:\Program Files\TNod User & Password Finder\TNODUP.exe [2010-04-02 1811968]
" AtiPTA " =D:\WINDOWS\system32\atiptaxx.exe [2006-02-22 344064]
" SunJavaUpdateSched " =D:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
" NokiaMServer " =D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
" Hot Keyboard " =D:\Program Files\Hot Keyboard\HotKeyb.exe [2008-01-23 606208]
" ctfmon.exe " =D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
" uTorrent " =D:\Program Files\uTorrent\uTorrent.exe [2011-03-24 399736]
" " = []
" NokiaOviSuite2 " =D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-07-21 966712]

D:\Documents and Settings\All Users\Menu Start\Programy\Autostart
PalTalk.lnk - D:\Program Files\Paltalk Messenger\paltalk.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
" AppInit_DLLs " = " "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2007-12-05 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2011-04-28 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-02 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
" {B5A7F190-DDA6-4420-B3BA-52453494E6CD} " =D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
" dontdisplaylastusername " =0
" legalnoticecaption " =
" legalnoticetext " =
" shutdownwithoutlogon " =1
" undockwithoutlogon " =1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
" NoDriveTypeAutoRun " =177

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
" HonorAutoRunSetting " =1
" NoDriveTypeAutoRun " =255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
" %windir%\Network Diagnostic\xpnetdiag.exe " = " %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
" %windir%\system32\sessmgr.exe " = " %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
" D:\Program Files\uTorrent\uTorrent.exe " = " D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:uTorrent "
" D:\Program Files\Skype\Plugin Manager\skypePM.exe " = " D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "
" D:\Program Files\Gadu-Gadu 10\gg.exe " = " D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 "
" E:\NFSU2\speed2.exe " = " E:\NFSU2\speed2.exe:*:Enabled:speed2 "
" \??\D:\WINDOWS\system32\winlogon.exe " = " \??\D:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1 "
" D:\Program Files\Windows Live\Messenger\msnmsgr.exe " = " D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "
" D:\Program Files\Opera\opera.exe " = " D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser "
" D:\Program Files\Cain\Cain.exe " = " D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility "
" D:\Program Files\eMule\emule.exe " = " D:\Program Files\eMule\emule.exe:*:Enabled:eMule "
" D:\Program Files\Winamp\winamp.exe " = " D:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp "
" D:\Program Files\VMware\VMware Player\vmware-authd.exe " = " D:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd "
" D:\Program Files\Microsoft Office\Office14\GROOVE.EXE " = " D:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace "
" D:\Program Files\Microsoft Office\Office14\ONENOTE.EXE " = " D:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote "
" D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE " = " D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook "
" D:\Program Files\TeamViewer\Version6\TeamViewer.exe " = " D:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application "
" D:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe " = " D:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service "
" D:\Program Files\Java\jre6\bin\javaw.exe " = " D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary "
" D:\Program Files\Skype\Phone\Skype.exe " = " D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
" E:\cs\hl.exe " = " E:\cs\hl.exe:*:Enabled:Half-Life Launcher "
" D:\Program Files\Paltalk Messenger\paltalk.exe " = " D:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:Paltalk Messenger "
" F:\RS\support\bin\win\RosettaStoneLtdServices.exe " = " F:\RS\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services "
" F:\RS\RosettaStoneVersion3.exe " = " F:\RS\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application "
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe " = " D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe:*:Enabled:RosettaStoneLtdController "
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe " = " D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe:*:Enabled:RosettaStoneLtdServer "
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe " = " D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:*:Enabled:RosettaStoneLtdServices "
" C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe " = " C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe:*:Enabled:Foxit PDF Editor, the first REAL editor for PDF files! "
" D:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe " = " D:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
" D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe " = " D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
" %windir%\Network Diagnostic\xpnetdiag.exe " = " %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
" %windir%\system32\sessmgr.exe " = " %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
" D:\Program Files\Windows Live\Messenger\msnmsgr.exe " = " D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "
" D:\Program Files\BearShare Applications\BearShare\BearShare.exe " = " D:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare "
" D:\Program Files\VMware\VMware Player\vmware-authd.exe " = " D:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd "
" F:\RS\support\bin\win\RosettaStoneLtdServices.exe " = " F:\RS\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services "
" F:\RS\RosettaStoneVersion3.exe " = " F:\RS\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application "
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe " = " D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe:*:Enabled:RosettaStoneLtdController "
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe " = " D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe:*:Enabled:RosettaStoneLtdServer "
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe " = " D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:*:Enabled:RosettaStoneLtdServices "


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cyberghost.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\finereader.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\googleapps.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\googleupdater.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infopath.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaw.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaws.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\misc.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\paltalk.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\presentationhost.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\remotesupport.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninstall.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vmplayer.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe]
" Debugger= " " E:\TU2011\TUAutoReactivator32.exe "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
" midimapper " =midimap.dll
" msacm.imaadpcm " =imaadp32.acm
" msacm.msadpcm " =msadp32.acm
" msacm.msg711 " =msg711.acm
" msacm.msgsm610 " =msgsm32.acm
" msacm.trspch " =tssoft32.acm
" vidc.cvid " =iccvid.dll
" VIDC.I420 " =msh263.drv
" vidc.iv31 " =ir32_32.dll
" vidc.iv32 " =ir32_32.dll
" vidc.iv41 " =ir41_32.ax
" VIDC.IYUV " =iyuv_32.dll
" vidc.mrle " =msrle32.dll
" vidc.msvc " =msvidc32.dll
" VIDC.UYVY " =msyuv.dll
" VIDC.YUY2 " =msyuv.dll
" VIDC.YVU9 " =tsbyuv.dll
" VIDC.YVYU " =msyuv.dll
" wavemapper " =msacm32.drv
" MSVideo8 " =VfWWDM32.dll
" msacm.msg723 " =msg723.acm
" vidc.M263 " =msh263.drv
" vidc.M261 " =msh261.drv
" msacm.msaudio1 " =msaud32.acm
" msacm.sl_anet " =sl_anet.acm
" msacm.iac2 " =D:\WINDOWS\system32\iac25_32.ax
" vidc.iv50 " =ir50_32.dll
" msacm.l3acm " =D:\WINDOWS\system32\l3codeca.acm
" wave " =wdmaud.drv
" midi " =wdmaud.drv
" mixer " =wdmaud.drv
" msacm.siren " =sirenacm.dll
" msacm.vorbis " =vorbis.acm
" VIDC.VMnc " =vmnc.dll

======List of files/folders created in the last 1 month======

2011-08-01 16:30:33 ----D---- D:\rsit
2011-08-01 16:30:33 ----D---- D:\Program Files\trend micro
2011-07-31 22:57:49 ----D---- D:\Documents and Settings\Mateusz\Dane aplikacji\HD Tune Pro
2011-07-31 22:55:46 ----D---- D:\Program Files\HD Tune Pro
2011-07-30 12:47:01 ----HD---- D:\WINDOWS\Icons
2011-07-29 19:33:33 ----A---- D:\WINDOWS\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2011-07-29 19:33:01 ----A---- D:\WINDOWS\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2011-07-29 19:30:33 ----D---- D:\WINDOWS\system32\RsFx
2011-07-29 19:26:56 ----D---- D:\Program Files\Microsoft Visual Studio 9.0
2011-07-29 19:12:16 ----D---- D:\Program Files\Microsoft SQL Server
2011-07-29 19:04:26 ----D---- D:\Program Files\Microsoft SDKs
2011-07-29 19:04:26 ----D---- D:\Program Files\Microsoft Help Viewer
2011-07-29 14:38:14 ----A---- D:\WINDOWS\system32\hidserv.dll
2011-07-29 14:38:10 ----A---- D:\WINDOWS\system32\drivers\kbdhid.sys
2011-07-29 14:00:45 ----D---- D:\Program Files\MSXML 4.0
2011-07-28 15:32:34 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\Nokia
2011-07-28 15:32:15 ----D---- D:\WINDOWS\system32\LogFiles
2011-07-28 15:31:46 ----HDC---- D:\WINDOWS\$NtUninstallWudf01009$
2011-07-28 15:31:12 ----A---- D:\WINDOWS\system32\drivers\usbser.sys
2011-07-28 15:30:33 ----N---- D:\WINDOWS\system32\spmsgXP_2k3.dll
2011-07-28 15:30:22 ----HDC---- D:\WINDOWS\$NtUninstallWdf01009$
2011-07-28 15:27:57 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\PC Suite
2011-07-28 15:27:54 ----D---- D:\Documents and Settings\Mateusz\Dane aplikacji\PC Suite
2011-07-28 15:24:43 ----D---- D:\Program Files\Common Files\Nokia
2011-07-28 15:24:09 ----D---- D:\Program Files\DIFX
2011-07-28 15:24:08 ----A---- D:\WINDOWS\system32\drivers\pccsmcfd.sys
2011-07-28 15:23:55 ----D---- D:\Program Files\PC Connectivity Solution
2011-07-28 15:23:40 ----A---- D:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011-07-28 15:23:38 ----A---- D:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011-07-28 15:23:35 ----A---- D:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2011-07-28 15:23:33 ----A---- D:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2011-07-28 15:23:31 ----A---- D:\WINDOWS\system32\drivers\ccdcmbo.sys
2011-07-28 15:23:22 ----A---- D:\WINDOWS\system32\drivers\ccdcmb.sys
2011-07-28 15:23:21 ----A---- D:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-07-28 15:23:21 ----A---- D:\WINDOWS\system32\nmwcdcocls.dll
2011-07-28 15:23:21 ----A---- D:\WINDOWS\system32\ccdcmbwu.dll
2011-07-28 15:23:18 ----A---- D:\WINDOWS\system32\nmwcdcls.dll
2011-07-28 15:21:31 ----D---- D:\Program Files\MSXML 6.0
2011-07-28 15:20:58 ----D---- D:\Program Files\Nokia
2011-07-28 15:20:58 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
2011-07-26 14:27:21 ----D---- D:\Program Files\Common Files\Java
2011-07-26 14:20:50 ----A---- D:\WINDOWS\system32\javaws.exe
2011-07-26 14:20:50 ----A---- D:\WINDOWS\system32\javaw.exe
2011-07-26 14:20:50 ----A---- D:\WINDOWS\system32\java.exe
2011-07-22 21:16:27 ----D---- D:\Documents and Settings\Mateusz\Dane aplikacji\Hot Keyboard
2011-07-22 21:15:56 ----D---- D:\Documents and Settings\Mateusz\Dane aplikacji\Hot Keyboard Pro Backup
2011-07-22 21:15:40 ----D---- D:\Program Files\Hot Keyboard Pro
2011-07-22 16:53:44 ----D---- D:\Program Files\Hot Keyboard
2011-07-22 11:27:53 ----D---- D:\Program Files\FBP - Facebook Blaster Pro
2011-07-20 21:31:53 ----D---- D:\Program Files\MoorHunt
2011-07-18 17:59:10 ----D---- D:\Program Files\AutoIt3
2011-07-16 17:05:36 ----D---- D:\Documents and Settings\Mateusz\Dane aplikacji\framezoo.com
2011-07-16 17:05:27 ----D---- D:\Program Files\FBDevil
2011-07-16 17:05:27 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\framezoo.com
2011-07-13 11:47:12 ----HDC---- D:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 11:43:32 ----HDC---- D:\WINDOWS\$NtUninstallKB2555917$
2011-07-09 23:53:54 ----HDC---- D:\WINDOWS\$NtUninstallKB958655-v2$
2011-07-09 23:52:30 ----HDC---- D:\WINDOWS\$NtUninstallKB942288-v3$

======List of files/folders modified in the last 1 month======

2011-08-01 16:30:49 ----D---- D:\WINDOWS\Prefetch
2011-08-01 16:30:47 ----D---- D:\WINDOWS\Temp
2011-08-01 16:30:33 ----D---- D:\Program Files
2011-08-01 16:22:16 ----D---- D:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent
2011-08-01 12:51:02 ----A---- D:\WINDOWS\SchedLgU.Txt
2011-08-01 11:36:11 ----D---- D:\WINDOWS\system32\CatRoot2
2011-08-01 00:40:23 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2011-08-01 00:40:22 ----D---- D:\WINDOWS\system32\drivers
2011-07-31 23:11:59 ----D---- D:\Documents and Settings\Mateusz\Dane aplikacji\DMCache
2011-07-31 15:31:50 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\Rosetta Stone
2011-07-31 11:44:18 ----D---- D:\WINDOWS\Microsoft.NET
2011-07-31 11:44:16 ----RSD---- D:\WINDOWS\assembly
2011-07-31 00:34:34 ----HD---- D:\Config.Msi
2011-07-31 00:34:06 ----SHD---- D:\WINDOWS\Installer
2011-07-30 12:47:01 ----D---- D:\WINDOWS
2011-07-30 12:27:53 ----D---- D:\WINDOWS\Cursors
2011-07-30 01:05:33 ----RSD---- D:\WINDOWS\Fonts
2011-07-29 22:09:12 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\VMware
2011-07-29 22:08:36 ----SD---- D:\WINDOWS\Tasks
2011-07-29 19:33:35 ----D---- D:\WINDOWS\system32
2011-07-29 19:33:34 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2011-07-29 19:26:47 ----D---- D:\Program Files\Common Files\Microsoft Shared
2011-07-29 19:25:44 ----D---- D:\WINDOWS\system32\1033
2011-07-29 19:25:02 ----D---- D:\Program Files\Microsoft.NET
2011-07-29 19:21:31 ----D---- D:\WINDOWS\WinSxS
2011-07-29 19:09:19 ----SD---- D:\Documents and Settings\Mateusz\Dane aplikacji\Microsoft
2011-07-29 19:09:19 ----SD---- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2011-07-28 15:32:18 ----HD---- D:\WINDOWS\inf
2011-07-28 15:31:19 ----D---- D:\WINDOWS\system32\drivers\UMDF
2011-07-28 15:30:55 ----A---- D:\WINDOWS\imsins.BAK
2011-07-28 15:24:43 ----D---- D:\Program Files\Common Files
2011-07-28 15:24:07 ----DC---- D:\WINDOWS\system32\DRVSTORE
2011-07-26 14:20:45 ----D---- D:\Program Files\Java
2011-07-24 00:52:57 ----D---- D:\Program Files\Mozilla Firefox
2011-07-22 13:55:36 ----D---- D:\Documents and Settings\Mateusz\Dane aplikacji\vlc
2011-07-22 12:13:02 ----A---- D:\WINDOWS\system32\BASSMOD.dll
2011-07-21 23:32:09 ----D---- D:\Program Files\ABBYY FineReader 10
2011-07-18 17:59:13 ----D---- D:\WINDOWS\SHELLNEW
2011-07-15 22:13:43 ----D---- D:\Documents and Settings\Mateusz\Dane aplikacji\EurekaLog
2011-07-13 11:47:14 ----D---- D:\WINDOWS\system32\dllcache
2011-07-13 11:43:45 ----A---- D:\WINDOWS\system32\MRT.exe
2011-07-13 10:42:31 ----HD---- D:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; D:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 Si3112;Si3112; D:\WINDOWS\system32\drivers\Si3112.sys [2008-05-02 62208]
R0 sptd;sptd; D:\WINDOWS\System32\Drivers\sptd.sys [2010-11-21 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 atitray;atitray; \??\D:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys []
R1 ehdrv;ehdrv; D:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
R1 epfwtdi;epfwtdi; D:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-06-24 55256]
R1 IDMTDI;IDMTDI; D:\WINDOWS\system32\DRIVERS\idmtdi.sys [2011-05-30 101360]
R1 intelppm;Sterownik procesora Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Sterownik klawiatury HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032]
R2 eamon;eamon; D:\WINDOWS\system32\DRIVERS\eamon.sys [2010-06-24 140752]
R2 epfw;epfw; D:\WINDOWS\system32\DRIVERS\epfw.sys [2010-04-28 134488]
R2 hcmon;VMware hcmon; \??\D:\WINDOWS\system32\drivers\hcmon.sys []
R2 LBeepKE;LBeepKE; D:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-09-01 3712]
R2 NPF;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
R2 vmci;VMware vmci; \??\D:\WINDOWS\system32\Drivers\vmci.sys []
R2 VMnetBridge;VMware Bridge Protocol; D:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2010-11-11 32752]
R2 VMnetuserif;VMware Network Application Interface; \??\D:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 VMparport;VMware VMparport; \??\D:\WINDOWS\system32\Drivers\VMparport.sys []
R2 vmx86;VMware vmx86; \??\D:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\D:\Program Files\VMware\VMware Player\vstor2-ws60.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2010-11-19 4122368]
R3 AR9271;Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\athuw.sys [2010-01-05 1714176]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-05 2782208]
R3 Epfwndis;Eset Personal Firewall; D:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-04-28 32584]
R3 hidusb;Sterownik Microsoft klasy HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Sterownik myszy HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\E:\TU2011\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 vmkbd;VMware kbd; \??\D:\WINDOWS\system32\drivers\VMkbd.sys []
R3 WSIMD;wsimd Service; D:\WINDOWS\system32\DRIVERS\wsimd.sys [2010-05-21 58208]
S3 AIRPLUS;D-Link AirPlus Wireless Adapter; D:\WINDOWS\system32\DRIVERS\airplus.sys [2003-09-08 255360]
S3 ammttwwn;ammttwwn; D:\WINDOWS\system32\drivers\ammttwwn.sys []
S3 ar4n7ez1;ar4n7ez1; D:\WINDOWS\system32\drivers\ar4n7ez1.sys []
S3 CCDECODE;Dekoder napisów; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; D:\WINDOWS\system32\DRIVERS\HPZid412.sys [2009-02-25 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; D:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-02-25 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; D:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-02-25 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; D:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101376]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; D:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-07-19 13568]
S3 LHidKe;SetPoint HID Mouse Filter Driver; D:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-07-19 27136]
S3 LMouKE;SetPoint Mouse Filter Driver; D:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-07-19 71936]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; D:\WINDOWS\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; D:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; D:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; D:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\D:\WINDOWS\system32\NSNDIS5.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RT73;TL-WN321G USB Wireless Adapter; D:\WINDOWS\system32\DRIVERS\rt73.sys []
S3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; D:\WINDOWS\system32\drivers\ScreamingBAudio.sys []
S3 SG320 Video Capture;SG320 Video Capture; D:\WINDOWS\System32\Drivers\SGCam3UVC.sys [2009-06-19 95040]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tap0901;TAP-Win32 Adapter V9; D:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-08-01 25216]
S3 upperdev;upperdev; D:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbprint;Klasa PRINTER USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Sterownik skanera USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; D:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; D:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 USBSTOR;Sterownik magazynu masowego USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Urządzenie wideo USB (WDM); D:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; D:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2010-11-11 16560]
S3 vmusb;VMware USB Client Driver; D:\WINDOWS\System32\Drivers\vmusb.sys [2010-11-11 31280]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; D:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-05-02 38528]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 RsFx0103;RsFx0103 Driver; D:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;TP-LINK Configuration Service; D:\WINDOWS\system32\acs.exe [2010-05-21 499796]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2007-12-05 495616]
R2 ekrn;ESET Service; D:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-06-24 810144]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); D:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 Net Driver HPZ12;Net Driver HPZ12; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 StarWindServiceAE;StarWind AE Service; D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; E:\TU2011\TuneUpUtilitiesService32.exe [2011-03-30 1523008]
R2 UxTuneUp;TuneUp Theme Extension; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2007-09-28 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Usługa Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-14 136176]
S2 KMService;KMService; D:\WINDOWS\system32\srvany.exe [2011-03-31 8192]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-06-24 33584]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-11 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Usługa Google Update (gupdatem); D:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-14 136176]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; D:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S4 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; D:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2010-07-22 814344]
S4 aspnet_state;,,Usługa stanu ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S4 CGVPNCliSrvc;CyberGhost VPN Client; D:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2011-02-02 2413704]
S4 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-28 194104]
S4 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; D:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 osppsvc;Office Software Protection Platform; D:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S4 RosettaStoneLtdController;RosettaStoneLtdController; D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe [2008-09-16 352312]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); D:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S4 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); D:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; D:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
S4 SQLWriter;SQL Server VSS Writer; D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
S4 ufad-ws60;VMware Agent Service; D:\Program Files\VMware\VMware Player\vmware-ufad.exe [2010-08-19 191024]
S4 VMAuthdService;VMware Authorization Service; D:\Program Files\VMware\VMware Player\vmware-authd.exe [2010-11-11 113264]
S4 VMnetDHCP;VMware DHCP Service; D:\WINDOWS\system32\vmnetdhcp.exe [2010-11-11 334448]
S4 VMUSBArbService;VMware USB Arbitration Service; D:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-11-11 539248]
S4 VMware NAT Service;VMware NAT Service; D:\WINDOWS\system32\vmnat.exe [2010-11-11 404080]
S4 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------


Logi.rar > info.txt

info.txt logfile of random's system information tool 1.09 2011-08-01 16:30:53

======Uninstall list======

-- & gt; rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
uTorrent-- & gt; " D:\Program Files\uTorrent\uTorrent.exe " /UNINSTALL
32 Bit HP CIO Components Installer-- & gt; MsiExec.exe /I{0868BB9D-5EA0-40AF-A1CC-A38ED4E5BC67}
7-Zip 9.20-- & gt; " D:\Program Files\7-Zip\Uninstall.exe "
ABBYY FineReader 10 Professional Edition-- & gt; MsiExec.exe /I{F1000000-0001-0000-0000-074957833700}
Adobe Flash Player 10 ActiveX-- & gt; D:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-- & gt; D:\WINDOWS\system32\Macromed\Flash\FlashUtil10u_Plugin.exe -maintain plugin
Aiseesoft Streaming Video Recorder-- & gt; " D:\Program Files\Aiseesoft Studio\Aiseesoft Streaming Video Recorder\unins000.exe "
Aktualizacja dla programu Microsoft Outlook Social Connector (KB2441641)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-001A-0415-0000-0000000FF1CE} " " {0F03EE57-6776-4ADA-99CF-ECA4B81BC5E0} " " 1045 " " 0 "
Aktualizacja dla systemu Windows Internet Explorer 8 (KB2447568)-- & gt; " D:\WINDOWS\ie8updates\KB2447568-IE8\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows Internet Explorer 8 (KB976662)-- & gt; " D:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB2141007)-- & gt; " D:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB2345886)-- & gt; " D:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB2467659)-- & gt; " D:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB2541763)-- & gt; " D:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB898461)-- & gt; " D:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB951978)-- & gt; " D:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB955759)-- & gt; " D:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB961503)-- & gt; " D:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB967715)-- & gt; " D:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB968389)-- & gt; " D:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB971029)-- & gt; " D:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB971737)-- & gt; " D:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB973687)-- & gt; " D:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe "
Aktualizacja dla systemu Windows XP (KB973815)-- & gt; " D:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB2378111)-- & gt; " D:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-- & gt; " D:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)-- & gt; " D:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-- & gt; " D:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB975558)-- & gt; " D:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)-- & gt; " D:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154)-- & gt; " D:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB2360131)-- & gt; " D:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB938127-v2)-- & gt; " D:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2360131)-- & gt; " D:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2416400)-- & gt; " D:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2482017)-- & gt; " D:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2497640)-- & gt; " D:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2510531)-- & gt; " D:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2530548)-- & gt; " D:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2544521)-- & gt; " D:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961)-- & gt; " D:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB981332)-- & gt; " D:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB982381)-- & gt; " D:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2079403)-- & gt; " D:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2115168)-- & gt; " D:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2121546)-- & gt; " D:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-- & gt; " D:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2259922)-- & gt; " D:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2279986)-- & gt; " D:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2286198)-- & gt; " D:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296011)-- & gt; " D:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296199)-- & gt; " D:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2347290)-- & gt; " D:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2360937)-- & gt; " D:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2387149)-- & gt; " D:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2393802)-- & gt; " D:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2412687)-- & gt; " D:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2419632)-- & gt; " D:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2423089)-- & gt; " D:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2436673)-- & gt; " D:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2440591)-- & gt; " D:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2443105)-- & gt; " D:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476490)-- & gt; " D:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476687)-- & gt; " D:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478960)-- & gt; " D:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478971)-- & gt; " D:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479628)-- & gt; " D:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479943)-- & gt; " D:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2481109)-- & gt; " D:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2483185)-- & gt; " D:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485376)-- & gt; " D:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485663)-- & gt; " D:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503658)-- & gt; " D:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503665)-- & gt; " D:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506212)-- & gt; " D:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506223)-- & gt; " D:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507618)-- & gt; " D:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507938)-- & gt; " D:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508272)-- & gt; " D:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508429)-- & gt; " D:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2509553)-- & gt; " D:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2511455)-- & gt; " D:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2524375)-- & gt; " D:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2535512)-- & gt; " D:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276)-- & gt; " D:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893)-- & gt; " D:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2555917)-- & gt; " D:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-- & gt; " D:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-- & gt; " D:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-- & gt; " D:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-- & gt; " D:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-- & gt; " D:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)-- & gt; " D:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-- & gt; " D:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-- & gt; " D:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459)-- & gt; " D:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-- & gt; " D:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)-- & gt; " D:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)-- & gt; " D:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-- & gt; " D:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)-- & gt; " D:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-- & gt; " D:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)-- & gt; " D:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-- & gt; " D:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)-- & gt; " D:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-- & gt; " D:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-- & gt; " D:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)-- & gt; " D:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430)-- & gt; " D:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-- & gt; " D:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971961)-- & gt; " D:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)-- & gt; " D:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-- & gt; " D:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-- & gt; " D:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)-- & gt; " D:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)-- & gt; " D:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)-- & gt; " D:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)-- & gt; " D:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)-- & gt; " D:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)-- & gt; " D:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)-- & gt; " D:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560)-- & gt; " D:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)-- & gt; " D:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713)-- & gt; " D:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)-- & gt; " D:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914)-- & gt; " D:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037)-- & gt; " D:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)-- & gt; " D:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978542)-- & gt; " D:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)-- & gt; " D:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706)-- & gt; " D:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)-- & gt; " D:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)-- & gt; " D:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979687)-- & gt; " D:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195)-- & gt; " D:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980232)-- & gt; " D:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980436)-- & gt; " D:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981322)-- & gt; " D:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981349)-- & gt; " D:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981852)-- & gt; " D:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981957)-- & gt; " D:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981997)-- & gt; " D:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982132)-- & gt; " D:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982214)-- & gt; " D:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe "
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982665)-- & gt; " D:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe "
Aktualizator Google-- & gt; " D:\Program Files\Google\Google Updater\GoogleUpdater.exe " -uninstall
Archiwizator WinRAR-- & gt; D:\Program Files\WinRAR\uninstall.exe
Arturia Minimoog V v1.0-- & gt; D:\PROGRA~1\Arturia\MINIMO~1\UNWISE.EXE D:\PROGRA~1\Arturia\MINIMO~1\INSTALL.LOG
Ashampoo Burning Studio 10.0.7-- & gt; " D:\Program Files\Ashampoo\Ashampoo Burning Studio 10\unins000.exe "
ASIO4ALL-- & gt; D:\Program Files\ASIO4ALL v2\uninstall.exe
Asystent rejestracji usługi Windows Live-- & gt; MsiExec.exe /I{51958BA7-21E4-4A8B-9098-CD8375BD17B2}
ATI Display Driver (Omega 3.8.442)-- & gt; rundll32 D:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-- & gt; " D:\Program Files\Audacity\unins000.exe "
AutoIt v3.3.6.1-- & gt; D:\Program Files\AutoIt3\Uninstall.exe
blueconnect-- & gt; D:\Program Files\blueconnect\uninst.exe
Cain & Abel v4.9.39-- & gt; D:\PROGRA~1\Cain\UNINSTAL.EXE D:\PROGRA~1\Cain\Install.log
CCleaner-- & gt; " D:\Program Files\CCleaner\uninst.exe "
Cheat Engine 6.0-- & gt; " D:\Program Files\Cheat Engine 6\unins000.exe "
Collab-- & gt; D:\Program Files\Image-Line\Collab\uninstall.exe
creepy 0.1.92-- & gt; D:\Program Files\creepy\uninst.exe
CyberGhost VPN Patch 4.6.10-- & gt; " D:\Program Files\S.A.D\CyberGhost VPN\unins000.exe "
Definition update for Microsoft Office 2010 (KB982726)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {2FD3FD50-4D6B-433B-9AB8-83F04675DA44} " " 1045 " " 0 "
D-Link AirPlus-- & gt; RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup " D:\Program Files\InstallShield Installation Information\{CDC74FE6-5224-11D6-B27F-00E0181A6FA8}\Setup.exe " -l0x9
Download Master version 5.10.1.1267-- & gt; " D:\Program Files\Download Master\unins000.exe "
Driver Checker v2.7.4-- & gt; " D:\Program Files\Driver Checker\unins000.exe "
Dzielenie i łączenie plików v1.2.2-- & gt; " D:\Program Files\Dzielenie i laczenie plikow\unins000.exe "
EASEUS Data Recovery Wizard Professional 4.3.6-- & gt; RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup " D:\Program Files\InstallShield Installation Information\{1965C9BB-9114-4A50-AEC7-E62414BB117B}\setup.exe " -l0x9 -removeonly
EVEREST Ultimate Edition v5.50-- & gt; " D:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe "
Facebook Devil-- & gt; D:\Program Files\FBDevil\uninst.exe
FBP - Facebook Blaster Pro-- & gt; MsiExec.exe /I{2C72AE8A-932F-4AF8-92DD-60B84AA30BDE}
Fiddler2-- & gt; " D:\Program Files\Fiddler2\uninst.exe "
FL Studio 9-- & gt; D:\Program Files\Image-Line\FL Studio 9\uninstall.exe
Foxit PDF Editor-- & gt; C:\Program Files\Foxit Software\PDF Editor\uninstall.exe
Free eXPert PDF Reader-- & gt; MsiExec.exe /X{487C2D48-A9E3-4F34-92BD-B6A847025C16}
FreeVPN v3.22-- & gt; " D:\Program Files\FreeVPN\unins000.exe "
Gadu-Gadu 10-- & gt; D:\Program Files\Gadu-Gadu 10\Uninstall.exe
Google Apps-- & gt; MsiExec.exe /I{C8E95BF5-C07F-4D98-BB42-F58FC98BC03E}
Google Update Helper-- & gt; MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HD Tune Pro 4.61-- & gt; " D:\Program Files\HD Tune Pro\unins000.exe "
Hide IP Privacy-- & gt; " D:\Program Files\HideIPPrivacy\uninst.exe "
Hot Keyboard Pro 3.2-- & gt; " D:\Program Files\Hot Keyboard Pro\unins000.exe "
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-- & gt; D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT= " "
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-- & gt; D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT= " "
Hotfix for Windows Media Format 11 SDK (KB929399)-- & gt; " D:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB958655-v2)-- & gt; " D:\WINDOWS\$NtUninstallKB958655-v2$\spuninst\spuninst.exe "
HP Color LaserJet CP4520 Series PCL6,HP Color LaserJet CP4020 Series PCL6-- & gt; " D:\Program Files\Common Files\Hewlett-Packard\HPDIU 2.5\HPDIU_Uninstall.exe " /d " HP Color LaserJet CP4520 Series PCL6,HP Color LaserJet CP4020 Series PCL6 " /m " ARP "
HP Image Zone 4.7-- & gt; D:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.7-- & gt; " D:\Program Files\HP\Digital Imaging\{5469D537-9B44-4c78-BF2D-5F9807564F74}\setup\hpzscr01.exe " -datfile hposcr05.dat
HyperCam 3-- & gt; " D:\Program Files\HyperCam 3\Uninstall.exe " " D:\Program Files\HyperCam 3\install.log " -u
IL Download Manager-- & gt; D:\Program Files\Image-Line\Downloader\uninstall.exe
Internet Download Manager-- & gt; D:\Program Files\Internet Download Manager\Uninstall.exe
Java DB 10.6.2.1-- & gt; MsiExec.exe /X{73EC658D-A1C6-40CA-8E86-E05821BAACE7}
Java(TM) 6 Update 26-- & gt; MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
Java(TM) SE Development Kit 6 Update 25-- & gt; MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160250}
JDownloader 0.9-- & gt; D:\Program Files\JDownloader\JDUninstall.exe
JDownloader-- & gt; D:\Program Files\JDownloader\uninstall.exe
Kamerzysta (deinstalacja)-- & gt; " D:\Program Files\Onet\Kamerzysta\odinstaluj.exe "
Live Redemption Checker-- & gt; " D:\Program Files\eC\LRC\unins000.exe "
Live Redemption Checker-- & gt; D:\Program Files\eC\LRC\uninst.exe
Logitech SetPoint-- & gt; RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup " D:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe " -l0x15 -removeonly
Malwarebytes' Anti-Malware wersja 1.51.1.1800-- & gt; " D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK-- & gt; MsiExec.exe /I{036FD544-AED6-3F33-856D-A2292D0CF471}
Microsoft .NET Framework 2.0 Service Pack 2-- & gt; MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK-- & gt; MsiExec.exe /I{7C77393F-8237-3825-A88A-AFAF3C69C072}
Microsoft .NET Framework 3.0 Service Pack 2-- & gt; MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack - plk-- & gt; MsiExec.exe /I{F31E509D-3597-324E-83CF-0C160B2320F0}
Microsoft .NET Framework 3.5 SP1-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-- & gt; MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile PLK Language Pack-- & gt; MsiExec.exe /X{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}
Microsoft .NET Framework 4 Client Profile-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-- & gt; MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended PLK Language Pack-- & gt; MsiExec.exe /X{5C19E2DC-4CCF-3114-B40A-6E565987025F}
Microsoft .NET Framework 4 Extended-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-- & gt; MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft .NET Framework 4 Multi-Targeting Pack-- & gt; MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}
Microsoft Choice Guard-- & gt; MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Help Viewer 1.0-- & gt; D:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0\install.exe
Microsoft Help Viewer 1.0-- & gt; MsiExec.exe /X{47C39E4A-28F2-33B1-B9B7-97F24E52D917}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-- & gt; " D:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe "
Microsoft Office Access MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-0015-0415-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-0018-0415-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe " /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-- & gt; MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-- & gt; MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-- & gt; MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2010-- & gt; MsiExec.exe /X{90140000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2010-- & gt; MsiExec.exe /X{90140000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2010-- & gt; MsiExec.exe /X{90140000-001B-0415-0000-0000000FF1CE}
Microsoft PowerPoint Viewer-- & gt; MsiExec.exe /X{95140000-00AF-0409-0000-0000000FF1CE}
Microsoft Silverlight-- & gt; MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2008 Browser-- & gt; MsiExec.exe /X{C688457E-03FD-4941-923B-A27F4D42A7DD}
Microsoft SQL Server 2008 Common Files-- & gt; MsiExec.exe /I{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}
Microsoft SQL Server 2008 Common Files-- & gt; MsiExec.exe /I{4A6F34E2-09E5-4616-B227-4A26A488A6F9}
Microsoft SQL Server 2008 Database Engine Services-- & gt; MsiExec.exe /I{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}
Microsoft SQL Server 2008 Database Engine Services-- & gt; MsiExec.exe /I{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}
Microsoft SQL Server 2008 Database Engine Shared-- & gt; MsiExec.exe /I{4815BD99-96A4-49FE-A885-DCF06E9E4E78}
Microsoft SQL Server 2008 Database Engine Shared-- & gt; MsiExec.exe /I{F3494AB6-6900-41C6-AF57-823626827ED8}
Microsoft SQL Server 2008 Native Client-- & gt; MsiExec.exe /I{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}
Microsoft SQL Server 2008 R2 Management Objects-- & gt; MsiExec.exe /I{4E968D9C-21A7-4915-B698-F7AEB913541D}
Microsoft SQL Server 2008 RsFx Driver-- & gt; MsiExec.exe /I{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}
Microsoft SQL Server 2008 Setup Support Files -- & gt; MsiExec.exe /X{D441BD04-E548-4F8E-97A4-1B66135BAAA8}
Microsoft SQL Server 2008-- & gt; " D:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe " /x86
Microsoft SQL Server 2008-- & gt; " D:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe " /X86
Microsoft SQL Server Compact 3.5 SP2 ENU-- & gt; MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft SQL Server System CLR Types-- & gt; MsiExec.exe /I{2A2F3AE8-246A-4252-BB26-1BEB45627074}
Microsoft SQL Server VSS Writer-- & gt; MsiExec.exe /I{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}
Microsoft User-Mode Driver Framework Feature Pack 1.9-- & gt; " D:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe "
Microsoft Visual Basic 2010 Express - ENU-- & gt; E:\VB\Microsoft Visual Basic 2010 Express - ENU\setup.exe
Microsoft Visual Basic 2010 Express - ENU-- & gt; MsiExec.exe /X{ED784556-66AA-3F17-9B58-7246ACB5C7E4}
Microsoft Visual C++ 2005 Redistributable-- & gt; MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-- & gt; MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-- & gt; MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-- & gt; MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-- & gt; MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-- & gt; MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools-- & gt; MsiExec.exe /X{14DD7530-CCD2-3798-B37D-3839ED6A441C}
Mobile Partner-- & gt; D:\Program Files\Mobile Partner\uninst.exe
MoorHunt 0.6.7.2-- & gt; " D:\Program Files\MoorHunt\unins000.exe "
Mowa Ciała-- & gt; " D:\Program Files\Avalon\Mowa Ciała\Odinstaluj.exe "
Mozilla Firefox 5.0 (x86 pl)-- & gt; D:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86_v2-- & gt; MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86-- & gt; MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT-- & gt; MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-- & gt; MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-- & gt; MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6.0 Parser-- & gt; MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
MultiRes (remove only)-- & gt; D:\Program Files\MultiRes\uninstal.exe
Narzędzie do przekazywania usługi Windows Live-- & gt; MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Narzędzie Software Uninstall Utility firmy ATI-- & gt; D:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
Need for Speed Underground 2-- & gt; E:\NFSU2\EAUninstall.exe
Network Stumbler 0.4.0 (remove only)-- & gt; " D:\Program Files\Network Stumbler\uninst.exe "
Nokia Connectivity Cable Driver-- & gt; MsiExec.exe /I{2D99A593-C841-43A7-B7C9-D6F3AE70B756}
Nokia Ovi Suite Software Updater-- & gt; MsiExec.exe /X{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}
Nokia Ovi Suite-- & gt; D:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{07D77970-B205-460C-84E4-263F30455597}\Installer.exe
Nokia Ovi Suite-- & gt; MsiExec.exe /X{07D77970-B205-460C-84E4-263F30455597}
n-Track Studio 6-- & gt; MsiExec.exe /I{BD7D5903-CACF-4974-979F-B2523B75E544}
OpenAL-- & gt; " D:\Program Files\OpenAL\oalinst.exe " /U
Opera 11.10-- & gt; " D:\Program Files\Opera\Opera.exe " /uninstall
Ovi Desktop Sync Engine-- & gt; MsiExec.exe /X{2CC53A53-44F4-4667-8584-2FFC9ACB2242}
OviMPlatform-- & gt; MsiExec.exe /I{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}
Pakiet językowy programu Microsoft .NET Framework 3.5 -- PLK-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - plk\setup.exe
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-- & gt; D:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u D:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Paltalk Messenger-- & gt; " D:\WINDOWS\Paltalk Messenger\uninstall.exe " " /U:D:\Program Files\Paltalk Messenger\irunin.xml "
PC Connectivity Solution-- & gt; MsiExec.exe /I{C373F7C4-05D2-4047-96D1-6AF30661C6AA}
PhotoME Beta-Release-- & gt; " D:\Program Files\PhotoMEBeta\unins000.exe "
Platinum Hide IP-- & gt; " D:\Program Files\PlatinumHideIP\uninst.exe "
Podstawowe programy Windows Live-- & gt; D:\Program Files\Windows Live\Installer\wlarp.exe
Podstawowe programy Windows Live-- & gt; MsiExec.exe /I{C5096D00-8B9C-41DB-8472-9D721E982DF0}
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1045 /parameterfolder ClientLP
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1045 /parameterfolder ExtendedLP
Poprawka dla programu Windows Media Player 11 (KB939683)-- & gt; " D:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe "
Poprawka dla systemu Windows XP (KB2158563)-- & gt; " D:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe "
Poprawka dla systemu Windows XP (KB2443685)-- & gt; " D:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe "
Poprawka dla systemu Windows XP (KB942288-v3)-- & gt; " D:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe "
Poprawka dla systemu Windows XP (KB952287)-- & gt; " D:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
Poprawka dla systemu Windows XP (KB961118)-- & gt; " D:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe "
Radeon Omega Drivers v4.8.442 Setup Files and Tools-- & gt; " D:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe " " /U:D:\Program Files\Radeon Omega Drivers\v4.8.442\Omega Uninstall.xml "
Real Hide IP-- & gt; " D:\Program Files\RealHideIP\uninst.exe "
Realtek AC'97 Audio-- & gt; RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup " D:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe " -l0x15 -removeonly
REALTEK GbE & FE Ethernet PCI NIC Driver-- & gt; D:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\Setup.exe -runfromtemp -l0x0015 -removeonly
Rosetta Stone Ltd Services-- & gt; MsiExec.exe /X{2110AF8F-F6E9-4712-A185-1B839C60822E}
Rosetta Stone Version 3-- & gt; MsiExec.exe /X{99011A6E-5200-11DE-BDB8-7ACD56D89593}
Sapi5Tiny-- & gt; MsiExec.exe /I{DA10DE6A-7953-4E21-B054-E8A217067738}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-- & gt; D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT= " "
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Microsoft Excel 2010 (KB2523021)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {AA9E4C48-857D-4558-A4F4-343CA7680277} " " 1045 " " 0 "
Security Update for Microsoft InfoPath 2010 (KB2510065)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {3C6C6854-EB6B-455C-B0A6-9871F0538028} " " 1045 " " 0 "
Security Update for Microsoft Office 2010 (KB2289078)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {1D1A4F08-2F17-475B-BA72-476CE5992FEE} " " 1045 " " 0 "
Security Update for Microsoft Office 2010 (KB2289161)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {F134C2C6-30B3-4169-A325-58482B4CE6FC} " " 1045 " " 0 "
Security Update for Microsoft PowerPoint 2010 (KB2519975)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {45D7C5CD-B967-44AF-9DAB-E5C8545558AD} " " 1045 " " 0 "
Security Update for Microsoft Publisher 2010 (KB2409055)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {C3C277D5-36E3-4B1A-926A-175B2BC019CF} " " 1045 " " 0 "
Security Update for Microsoft Visual Basic 2010 Express - ENU (KB2251489)-- & gt; D:\WINDOWS\system32\msiexec.exe /package {ED784556-66AA-3F17-9B58-7246ACB5C7E4} /uninstall {F606AC5F-4A30-3D7F-BC43-1200864BD9E5} /qb+ REBOOTPROMPT= & quot; & quot;
Security Update for Microsoft Word 2010 (KB2345000)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {A6D422EE-1196-45EE-B9AE-6B5B64975E8B} " " 1045 " " 0 "
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663)-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Segoe UI-- & gt; MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Service Pack 1 for SQL Server 2008 (KB968369)-- & gt; " D:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\setup.exe " /Action=RemovePatch /AllInstances
SHOUTcast DSP Plug-in v2-- & gt; " D:\Program Files\Winamp\uninstall_shoutcast-source-dsp-v2.exe "
SHOUTcast Radio Toolbar-- & gt; " D:\Program Files\SHOUTcast Radio Toolbar\uninstall.exe "
SHOUTcast Source DSP 1.9.1 (remove only)-- & gt; D:\Program Files\Winamp\uninst-dsp.exe
Shutdown Timer-- & gt; MsiExec.exe /I{19D26A2C-D822-484F-908F-34EA2FB8852E}
SigMaChip Camera Driver-- & gt; " D:\Program Files\InstallShield Installation Information\{5B2A499A-8FB6-4206-B0A4-EADE4BA81F25}\setup.exe " -runfromtemp -l0x0009 -removeonly
Skype Toolbars-- & gt; MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype(TM) 5.3-- & gt; MsiExec.exe /X{5335DADB-34BA-4AE8-A519-648D78498846}
SMAC 2.7-- & gt; D:\PROGRA~1\KLC\SMAC\UNWISE.EXE D:\PROGRA~1\KLC\SMAC\INSTALL.LOG
Sp5-- & gt; MsiExec.exe /I{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}
Sp5Intl-- & gt; MsiExec.exe /I{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}
Sp5TTInt-- & gt; MsiExec.exe /I{E415C943-37E5-473F-8BAE-043C56734124}
SpCommon-- & gt; MsiExec.exe /I{6C3959C6-943E-44B3-BAAD-570B04B134E5}
SpPhones-- & gt; MsiExec.exe /I{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}
Sql Server Customer Experience Improvement Program-- & gt; MsiExec.exe /I{C965F01C-76EA-4BD7-973E-46236AE312D7}
Super Hide IP-- & gt; " D:\Program Files\SuperHideIP\uninst.exe "
Symulator Jazdy 2 v.1.0-- & gt; " E:\Symulator Jazdy 2\unins000.exe "
Tasker version 3.13-- & gt; " D:\Program Files\Tasker\unins000.exe "
TeamSpeak 3 Client-- & gt; " D:\Program Files\TeamSpeak 3 Client\uninstall.exe "
TeamViewer 6-- & gt; D:\Program Files\TeamViewer\Version6\uninstall.exe
Technitium MAC Address Changer v5.0 Release 3-- & gt; D:\Program Files\Technitium\TMACv5.0R3\Installer.exe
Testy B -- & gt; " D:\Program Files\Grupa IMAGE\Testy B\unins000.exe "
TNod User & Password Finder-- & gt; " D:\Program Files\TNod User & Password Finder\uninst-TNod.exe "
Total Video Converter 3.50-- & gt; " D:\Program Files\Total Video Converter\unins000.exe "
Toxic Biohazard-- & gt; D:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
TP-LINK Wireless Client Utility-- & gt; " D:\Program Files\InstallShield Installation Information\{7A2A107B-9695-423F-9462-8F17C178BD35}\setup.exe " -runfromtemp -l0x0009 -removeonly
TuneUp Utilities 2011-- & gt; E:\TU2011\TUInstallHelper.exe --Trigger-Uninstall
Uninstall Tool-- & gt; " D:\Program Files\Uninstall Tool\unins000.exe "
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-- & gt; D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT= " "
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-- & gt; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD988F49-E1C8-3C84-9683-0448B6BB8E20} /parameterfolder Client
Update for Microsoft Office 2010 (KB2202188)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {86B7A074-265D-420C-9E1E-7A920EF0ECA7} " " 1045 " " 0 "
Update for Microsoft Office 2010 (KB2413186)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {556146F7-74AE-4E0A-B64F-5B8B93469F61} " " 1045 " " 0 "
Update for Microsoft Office 2010 (KB2413186)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {B5516874-E926-4BFD-B412-D0E70112F244} " " 1045 " " 0 "
Update for Microsoft Office 2010 (KB2413186)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {D6CE7280-6EE3-419A-8F47-DB111C040B1B} " " 1045 " " 0 "
Update for Microsoft Office 2010 (KB2523113)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {C0FF04BF-A05E-408B-81CA-B7FACDA508A3} " " 1045 " " 0 "
Update for Microsoft OneNote 2010 (KB2493983)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {309EEC22-83CE-4109-B019-BA9392FAA322} " " 1045 " " 0 "
Update for Microsoft Outlook Social Connector (KB2441641)-- & gt; " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe " /removereleaseinpatch " {90140000-0011-0000-0000-0000000FF1CE} " " {A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306} " " 1045 " " 0 "
VideoCap-- & gt; " D:\Program Files\InstallShield Installation Information\{2966ABA9-55DF-475E-8D10-3A2EA9F2CCEE}\setup.exe " -runfromtemp -l0x0009 -removeonly
Virtual DJ Pro Full - Atomix Productions-- & gt; D:\PROGRA~1\VIRTUA~1\UNWISE.EXE D:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU-- & gt; MsiExec.exe /X{112C23F2-C036-4D40-BED4-0CB47BF5555C}
VLC media player 1.1.5-- & gt; D:\Program Files\VideoLAN\VLC\uninstall.exe
VMware Player-- & gt; D:\Documents and Settings\All Users\Dane aplikacji\VMware\VMware Player\Uninstaller\uninstall.exe -x -S " D:\Documents and Settings\All Users\Dane aplikacji\VMware\VMware Player\Uninstaller\ "
VMware Player-- & gt; MsiExec.exe /I{A53A11EA-0095-493F-86FA-A15E8A86A405}
Winamp-- & gt; " D:\Program Files\Winamp\UninstWA.exe "
Windows Internet Explorer 8-- & gt; " D:\WINDOWS\ie8\spuninst\spuninst.exe "
Windows Live Communications Platform-- & gt; MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Messenger-- & gt; MsiExec.exe /X{4D5219EC-BFF8-4B7F-AB92-6D827BB37CB0}
WinPcap 4.1.2-- & gt; D:\Program Files\WinPcap\uninstall.exe
Wireshark 1.4.3-- & gt; " D:\Program Files\Wireshark\uninstall.exe "
XML Paper Specification Shared Components Language Pack 1.0-- & gt; " D:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe "

======Hosts File======

127.0.0.1 localhost
127.0.0.1 ntrack.com
127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com

======System event log======

Computer Name: SPECIAL-XP
Event Code: 7036
Message: Usługa Telefonia weszła w stan uruchomienia.

Record Number: 36050
Source Name: Service Control Manager
Time Written: 20110720104252.000000+120
Event Type: informacje
User:

Computer Name: SPECIAL-XP
Event Code: 7036
Message: Usługa Usługa COM nagrywania dysków CD IMAPI weszła w stan uruchomienia.

Record Number: 36049
Source Name: Service Control Manager
Time Written: 20110720104252.000000+120
Event Type: informacje
User:

Computer Name: SPECIAL-XP
Event Code: 7036
Message: Usługa Google Software Updater weszła w stan zatrzymania.

Record Number: 36048
Source Name: Service Control Manager
Time Written: 20110720104251.000000+120
Event Type: informacje
User:

Computer Name: SPECIAL-XP
Event Code: 7035
Message: Do usługi Usługa COM nagrywania dysków CD IMAPI został pomyślnie wysłany kod sterowania uruchom.

Record Number: 36047
Source Name: Service Control Manager
Time Written: 20110720104251.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: SPECIAL-XP
Event Code: 7036
Message: Usługa Zgodność szybkiego przełączania użytkowników weszła w stan uruchomienia.

Record Number: 36046
Source Name: Service Control Manager
Time Written: 20110720104246.000000+120
Event Type: informacje
User:

=====Application event log=====

Computer Name: SPECIAL-XP
Event Code: 1000
Message: Using configuration file: D:\Documents and Settings\All Users\Dane aplikacji\VMware\vmnetnat.conf.
IP address: 192.168.93.2
Subnet: 255.255.255.0
External IP address: 0.0.0.0
Device: vmnet8.
MAC address: 00:50:56:EE:15:AC.
Ignoring host MAC address: 00:50:56:C0:00:08.


Record Number: 7798
Source Name: VMware NAT Service
Time Written: 20110725204445.000000+120
Event Type: informacje
User:

Computer Name: SPECIAL-XP
Event Code: 1000
Message: Service started

Record Number: 7797
Source Name: VMware NAT Service
Time Written: 20110725204444.000000+120
Event Type: informacje
User:

Computer Name: SPECIAL-XP
Event Code: 0
Message:
Record Number: 7796
Source Name: gusvc
Time Written: 20110725204422.000000+120
Event Type: informacje
User:

Computer Name: SPECIAL-XP
Event Code: 0
Message:
Record Number: 7795
Source Name: gupdate
Time Written: 20110725204420.000000+120
Event Type: informacje
User:

Computer Name: SPECIAL-XP
Event Code: 105
Message: The service was started.

Record Number: 7794
Source Name: ATI Smart
Time Written: 20110725204408.000000+120
Event Type: informacje
User:

======Environment variables======

" ComSpec " =%SystemRoot%\system32\cmd.exe
" Path " =D:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;D:\Program Files\ATI Technologies\ATI.ACE\Core-Static;D:\Program Files\Microsoft SQL Server\100\Tools\Binn\;D:\Program Files\Microsoft SQL Server\100\DTS\Binn\
" windir " =%SystemRoot%
" FP_NO_HOST_CHECK " =NO
" OS " =Windows_NT
" PROCESSOR_ARCHITECTURE " =x86
" PROCESSOR_LEVEL " =15
" PROCESSOR_IDENTIFIER " =x86 Family 15 Model 2 Stepping 4, GenuineIntel
" PROCESSOR_REVISION " =0204
" NUMBER_OF_PROCESSORS " =1
" PATHEXT " =.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
" TEMP " =%SystemRoot%\TEMP
" TMP " =%SystemRoot%\TEMP

-----------------EOF-----------------


Logi.rar > Exstras.txt

OTL Extras logfile created on: 2011-08-01 16:21:49 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Documents and Settings\Mateusz\Moje dokumenty\Downloads\Programs
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,25 Gb Total Physical Memory | 0,41 Gb Available Physical Memory | 32,98% Memory free
2,98 Gb Paging File | 2,18 Gb Available in Paging File | 73,10% Paging File free
Paging file location(s): D:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 16,38 Gb Total Space | 5,38 Gb Free Space | 32,82% Space Free | Partition Type: NTFS
Drive D: | 44,20 Gb Total Space | 2,96 Gb Free Space | 6,69% Space Free | Partition Type: NTFS
Drive E: | 38,23 Gb Total Space | 20,21 Gb Free Space | 52,86% Space Free | Partition Type: NTFS
Drive F: | 50,24 Gb Total Space | 36,80 Gb Free Space | 73,25% Space Free | Partition Type: NTFS
Drive H: | 7,78 Mb Total Space | 7,48 Mb Free Space | 96,11% Space Free | Partition Type: FAT

Computer Name: SPECIAL-XP | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ & lt; extension & gt; ]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL " %1 " ,%*
.html [@ = Opera.HTML] -- D:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1417001333-838170752-2147085195-1003\SOFTWARE\Classes\ & lt; extension & gt; ]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ & lt; key & gt; \shell\[command]\command]
batfile [open] -- " %1 " %*
cmdfile [open] -- " %1 " %*
comfile [open] -- " %1 " %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL " %1 " ,%*
exefile [open] -- " %1 " %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Value error.
http [open] -- " D:\Program Files\Opera\Opera.exe " " %1 " (Opera Software)
https [open] -- " D:\Program Files\Opera\Opera.exe " " %1 " (Opera Software)
InternetShortcut [open] -- Reg Error: Key error.
piffile [open] -- " %1 " %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- " %1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- " %1 " /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- " D:\Program Files\VideoLAN\VLC\vlc.exe " --started-from-file --playlist-enqueue " %1 " ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- " D:\Program Files\VideoLAN\VLC\vlc.exe " --started-from-file --no-playlist-enqueue " %1 " ()
Directory [Winamp.Bookmark] -- " D:\Program Files\Winamp\winamp.exe " /BOOKMARK " %1 " (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- " D:\Program Files\Winamp\winamp.exe " /ADD " %1 " (Nullsoft, Inc.)
Directory [Winamp.Play] -- " D:\Program Files\Winamp\winamp.exe " " %1 " (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
" FirstRunDisabled " = 1
" AntiVirusDisableNotify " = 0
" FirewallDisableNotify " = 0
" UpdatesDisableNotify " = 0
" AntiVirusOverride " = 0
" FirewallOverride " = 0
" UacDisableNotify " = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
" AntiVirusDisableNotify " = 0
" AntiVirusOverride " = 0
" FirewallDisableNotify " = 0
" FirewallOverride " = 0
" UacDisableNotify " = 0
" UpdatesDisableNotify " = 0

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
" DisableSR " = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
" Start " = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
" Start " = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
" EnableFirewall " = 0
" DisableNotifications " = 0
" DoNotAllowExceptions " = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
" EnableFirewall " = 1
" DoNotAllowExceptions " = 0
" DisableNotifications " = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
" D:\Program Files\BearShare Applications\BearShare\BearShare.exe " = D:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
" D:\Program Files\VMware\VMware Player\vmware-authd.exe " = D:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.)
" F:\RS\support\bin\win\RosettaStoneLtdServices.exe " = F:\RS\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. )
" F:\RS\RosettaStoneVersion3.exe " = F:\RS\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Multidmedia Limited )
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe " = D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe:*:Enabled:RosettaStoneLtdController -- (Rosetta Stone Ltd.)
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe " = D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe:*:Enabled:RosettaStoneLtdServer -- (Rosetta Stone Ltd.)
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe " = D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:*:Enabled:RosettaStoneLtdServices -- (Rosetta Stone Ltd. )

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
" D:\Program Files\uTorrent\uTorrent.exe " = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:uTorrent -- (BitTorrent, Inc.)
" D:\Program Files\Gadu-Gadu 10\gg.exe " = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
" E:\NFSU2\speed2.exe " = E:\NFSU2\speed2.exe:*:Enabled:speed2 -- ()
" D:\Program Files\Opera\opera.exe " = D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
" D:\Program Files\Cain\Cain.exe " = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- (oxid.it)
" D:\Program Files\eMule\emule.exe " = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
" D:\Program Files\Winamp\winamp.exe " = D:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
" D:\Program Files\VMware\VMware Player\vmware-authd.exe " = D:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.)
" D:\Program Files\Microsoft Office\Office14\GROOVE.EXE " = D:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
" D:\Program Files\Microsoft Office\Office14\ONENOTE.EXE " = D:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
" D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE " = D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
" D:\Program Files\TeamViewer\Version6\TeamViewer.exe " = D:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
" D:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe " = D:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
" D:\Program Files\Java\jre6\bin\javaw.exe " = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
" E:\cs\hl.exe " = E:\cs\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
" D:\Program Files\Paltalk Messenger\paltalk.exe " = D:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:Paltalk Messenger -- (AVM Software Inc.)
" F:\RS\support\bin\win\RosettaStoneLtdServices.exe " = F:\RS\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. )
" F:\RS\RosettaStoneVersion3.exe " = F:\RS\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Multidmedia Limited )
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe " = D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe:*:Enabled:RosettaStoneLtdController -- (Rosetta Stone Ltd.)
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe " = D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe:*:Enabled:RosettaStoneLtdServer -- (Rosetta Stone Ltd.)
" D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe " = D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:*:Enabled:RosettaStoneLtdServices -- (Rosetta Stone Ltd. )
" C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe " = C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe:*:Enabled:Foxit PDF Editor, the first REAL editor for PDF files! -- (Foxit Software Company)
" D:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe " = D:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
" D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe " = D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite -- (Nokia)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} " = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
" {01D8CA8B-3F5F-4590-A0F3-36373BE97866}_is1 " = Testy B
" {036FD544-AED6-3F33-856D-A2292D0CF471} " = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
" {07D77970-B205-460C-84E4-263F30455597} " = Nokia Ovi Suite
" {0868BB9D-5EA0-40AF-A1CC-A38ED4E5BC67} " = 32 Bit HP CIO Components Installer
" {0A0CADCF-78DA-33C4-A350-CD51849B9702} " = Microsoft .NET Framework 4 Extended
" {0DC86BEC-5CE3-413A-BB61-C40A3D186B24} " = Scan
" {112C23F2-C036-4D40-BED4-0CB47BF5555C} " = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
" {12451AF7-EFF8-4B5B-8255-282D7CC7CAEE} " = OviMPlatform
" {14DD7530-CCD2-3798-B37D-3839ED6A441C} " = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
" {1965C9BB-9114-4A50-AEC7-E62414BB117B} " = EASEUS Data Recovery Wizard Professional 4.3.6
" {196E77C5-F524-4B50-BD1A-2C21EEE9B8F7} " = Microsoft SQL Server 2008 Common Files
" {19D26A2C-D822-484F-908F-34EA2FB8852E} " = Shutdown Timer
" {19FDE7C3-9837-4365-883C-01D51A9F262C} " = ESET Smart Security
" {1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1 " = Symulator Jazdy 2 v.1.0
" {205C6BDD-7B73-42DE-8505-9A093F35A238} " = Narz?dzie do przekazywania us?ugi Windows Live
" {2110AF8F-F6E9-4712-A185-1B839C60822E} " = Rosetta Stone Ltd Services
" {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} " = MSVCRT
" {23BE4DF2-293D-4077-82F4-1FD8C269277C} " = TuneUp Utilities Language Pack (en-US)
" {24036256-BFDB-4CD3-BE8A-A3D6160F2E16} " = TuneUp Utilities 2011
" {26A24AE4-039D-4CA4-87B4-2F83216022FF} " = Java(TM) 6 Update 26
" {2966ABA9-55DF-475E-8D10-3A2EA9F2CCEE} " = VideoCap
" {2A2F3AE8-246A-4252-BB26-1BEB45627074} " = Microsoft SQL Server System CLR Types
" {2C72AE8A-932F-4AF8-92DD-60B84AA30BDE} " = FBP - Facebook Blaster Pro
" {2CC53A53-44F4-4667-8584-2FFC9ACB2242} " = Ovi Desktop Sync Engine
" {2D99A593-C841-43A7-B7C9-D6F3AE70B756} " = Nokia Connectivity Cable Driver
" {2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3} " = Logitech SetPoint
" {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} " = Windows Live Communications Platform
" {321320E1-0E5A-36CB-9E52-F3B201B8C4D4} " = Microsoft .NET Framework 4 Client Profile PLK Language Pack
" {32A3A4F4-B792-11D6-A78A-00B0D0160250} " = Java(TM) SE Development Kit 6 Update 25
" {33AE9E89-47C9-4A0D-9E9D-BDD6966A3804} " = Microsoft SQL Server 2008 RsFx Driver
" {350C9415-3D7C-4EE8-BAA9-00BCB3D54227} " = WebFldrs XP
" {3A9FC03D-C685-4831-94CF-4EDFD3749497} " = Microsoft SQL Server Compact 3.5 SP2 ENU
" {3C3901C5-3455-3E0A-A214-0B093A5070A6} " = Microsoft .NET Framework 4 Client Profile
" {47C39E4A-28F2-33B1-B9B7-97F24E52D917} " = Microsoft Help Viewer 1.0
" {4815BD99-96A4-49FE-A885-DCF06E9E4E78} " = Microsoft SQL Server 2008 Database Engine Shared
" {481EA8F8-CAC0-4137-9CF8-DD0297593E61} " = TP-LINK Wireless Client Utility
" {487C2D48-A9E3-4F34-92BD-B6A847025C16} " = Free eXPert PDF Reader
" {4A03706F-666A-4037-7777-5F2748764D10} " = Java Auto Updater
" {4A6F34E2-09E5-4616-B227-4A26A488A6F9} " = Microsoft SQL Server 2008 Common Files
" {4C967D35-7FBF-459C-BF3C-CD0A3EF34333}_is1 " = Live Redemption Checker
" {4D5219EC-BFF8-4B7F-AB92-6D827BB37CB0} " = Windows Live Messenger
" {4DFF1415-4C29-44A8-BFD4-2BCE249C4991} " = SpPhones
" {4E968D9C-21A7-4915-B698-F7AEB913541D} " = Microsoft SQL Server 2008 R2 Management Objects
" {4F44B5AE-82A6-4A8A-A3E3-E24D489728E3} " = Microsoft SQL Server 2008 Native Client
" {51958BA7-21E4-4A8B-9098-CD8375BD17B2} " = Asystent rejestracji us?ugi Windows Live
" {5335DADB-34BA-4AE8-A519-648D78498846} " = Skype™ 5.3
" {5469D537-9B44-4c78-BF2D-5F9807564F74} " = HP PSC & OfficeJet 4.7
" {560F47F7-EB23-44B1-AAFC-667F1CD8FE5C} " = Sp5
" {58721EC3-8D4E-4B79-BC51-1054E2DDCD10} " = Microsoft SQL Server 2008 Database Engine Services
" {5B2A499A-8FB6-4206-B0A4-EADE4BA81F25} " = SigMaChip Camera Driver
" {5C19E2DC-4CCF-3114-B40A-6E565987025F} " = Microsoft .NET Framework 4 Extended PLK Language Pack
" {655CB07D-C944-40BE-B93F-55957CAC7625} " = AiO_Scan
" {6C3959C6-943E-44B3-BAAD-570B04B134E5} " = SpCommon
" {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} " = MSVC80_x86_v2
" {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} " = Microsoft Visual C++ 2005 Redistributable
" {73EC658D-A1C6-40CA-8E86-E05821BAACE7} " = Java DB 10.6.2.1
" {7A2A107B-9695-423F-9462-8F17C178BD35} " = TP-LINK Wireless Client Utility
" {7C77393F-8237-3825-A88A-AFAF3C69C072} " = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK
" {86CE85E6-DBAC-3FFD-B977-E4B79F83C909} " = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
" {8777AC6D-89F9-4793-8266-DE406F343E89} " = QFolder
" {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} " = Microsoft Silverlight
" {90140000-0010-0415-0000-0000000FF1CE} " = Microsoft Software Update for Web Folders (Polish) 14
" {90140000-0011-0000-0000-0000000FF1CE} " = Microsoft Office Professional Plus 2010
" {90140000-0015-0415-0000-0000000FF1CE} " = Microsoft Office Access MUI (Polish) 2010
" {90140000-0016-0415-0000-0000000FF1CE} " = Microsoft Office Excel MUI (Polish) 2010
" {90140000-0018-0415-0000-0000000FF1CE} " = Microsoft Office PowerPoint MUI (Polish) 2010
" {90140000-0019-0415-0000-0000000FF1CE} " = Microsoft Office Publisher MUI (Polish) 2010
" {90140000-001A-0415-0000-0000000FF1CE} " = Microsoft Office Outlook MUI (Polish) 2010
" {90140000-001B-0415-0000-0000000FF1CE} " = Microsoft Office Word MUI (Polish) 2010
" {90140000-001F-0407-0000-0000000FF1CE} " = Microsoft Office Proof (German) 2010
" {90140000-001F-0409-0000-0000000FF1CE} " = Microsoft Office Proof (English) 2010
" {90140000-001F-0415-0000-0000000FF1CE} " = Microsoft Office Proof (Polish) 2010
" {90140000-002C-0415-0000-0000000FF1CE} " = Microsoft Office Proofing (Polish) 2010
" {90140000-0044-0415-0000-0000000FF1CE} " = Microsoft Office InfoPath MUI (Polish) 2010
" {90140000-006E-0415-0000-0000000FF1CE} " = Microsoft Office Shared MUI (Polish) 2010
" {90140000-00A1-0415-0000-0000000FF1CE} " = Microsoft Office OneNote MUI (Polish) 2010
" {90140000-00BA-0415-0000-0000000FF1CE} " = Microsoft Office Groove MUI (Polish) 2010
" {909F8EBC-EC7F-48FF-0085-475D818F0F31} " = Need for Speed Underground 2
" {95120000-00B9-0409-0000-0000000FF1CE} " = Microsoft Application Error Reporting
" {95140000-00AF-0409-0000-0000000FF1CE} " = Microsoft PowerPoint Viewer
" {99011A6E-5200-11DE-BDB8-7ACD56D89593} " = Rosetta Stone Version 3
" {9A25302D-30C0-39D9-BD6F-21E6EC160475} " = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
" {9BE518E6-ECC6-35A9-88E4-87755C07200F} " = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
" {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} " = Segoe UI
" {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} " = Microsoft .NET Framework 3.0 Service Pack 2
" {A43BF6A5-D5F0-4AAA-BF41-65995063EC44} " = MSXML 6.0 Parser
" {A53A11EA-0095-493F-86FA-A15E8A86A405} " = VMware Player
" {A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0} " = Nokia Ovi Suite Software Updater
" {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} " = Google Update Helper
" {ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730} " = REALTEK GbE & FE Ethernet PCI NIC Driver
" {AF111648-99A1-453E-81DD-80DBBF6DAD0D} " = MSVC90_x86
" {B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2} " = Microsoft SQL Server 2008 Database Engine Services
" {B6CF2967-C81E-40C0-9815-C05774FEF120} " = Skype Toolbars
" {B7618997-1B89-4680-A39B-342BBEF8E0D6}_is1 " = FreeVPN v3.22
" {B857D868-F8B0-43EE-BC2B-D9E5ED21F237} " = Microsoft SQL Server VSS Writer
" {BD7D5903-CACF-4974-979F-B2523B75E544} " = n-Track Studio 6
" {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} " = Microsoft .NET Framework 2.0 Service Pack 2
" {C373F7C4-05D2-4047-96D1-6AF30661C6AA} " = PC Connectivity Solution
" {C5096D00-8B9C-41DB-8472-9D721E982DF0} " = Podstawowe programy Windows Live
" {C688457E-03FD-4941-923B-A27F4D42A7DD} " = Microsoft SQL Server 2008 Browser
" {C8E95BF5-C07F-4D98-BB42-F58FC98BC03E} " = Google Apps
" {C965F01C-76EA-4BD7-973E-46236AE312D7} " = Sql Server Customer Experience Improvement Program
" {CDC74FE6-5224-11D6-B27F-00E0181A6FA8} " = D-Link AirPlus
" {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} " = Microsoft .NET Framework 3.5 SP1
" {CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE} " = Microsoft .NET Framework 4 Multi-Targeting Pack
" {D441BD04-E548-4F8E-97A4-1B66135BAAA8} " = Microsoft SQL Server 2008 Setup Support Files
" {DA10DE6A-7953-4E21-B054-E8A217067738} " = Sapi5Tiny
" {E415C943-37E5-473F-8BAE-043C56734124} " = Sp5TTInt
" {ED784556-66AA-3F17-9B58-7246ACB5C7E4} " = Microsoft Visual Basic 2010 Express - ENU
" {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} " = Microsoft Choice Guard
" {F1000000-0001-0000-0000-074957833700} " = ABBYY FineReader 10 Professional Edition
" {F31E509D-3597-324E-83CF-0C160B2320F0} " = Microsoft .NET Framework 3.5 Language Pack - plk
" {F3494AB6-6900-41C6-AF57-823626827ED8} " = Microsoft SQL Server 2008 Database Engine Shared
" {FB08F381-6533-4108-B7DD-039E11FBC27E} " = Realtek AC'97 Audio
" {FD4B33E1-24AE-4535-AA7B-162B30FB57CD} " = Sp5Intl
" {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} " = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
" 1489-3350-5074-6281 " = JDownloader 0.9
" 504244733D18C8F63FF584AEB290E3904E791693 " = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
" 7-Zip " = 7-Zip 9.20
" Adobe Flash Player ActiveX " = Adobe Flash Player 10 ActiveX
" Adobe Flash Player Plugin " = Adobe Flash Player 10 Plugin
" Aiseesoft Streaming Video Recorder_is1 " = Aiseesoft Streaming Video Recorder
" All ATI Software " = Narz?dzie Software Uninstall Utility firmy ATI
" Arturia Minimoog V v1.0 " = Arturia Minimoog V v1.0
" Ashampoo Burning Studio 10_is1 " = Ashampoo Burning Studio 10.0.7
" ASIO4ALL " = ASIO4ALL
" ATI Display Driver " = ATI Display Driver (Omega 3.8.442)
" Audacity_is1 " = Audacity 1.2.6
" AutoItv3 " = AutoIt v3.3.6.1
" blueconnect " = blueconnect
" Cain & Abel v4.9.39 " = Cain & Abel v4.9.39
" CCleaner " = CCleaner
" Cheat Engine 6.0_is1 " = Cheat Engine 6.0
" Collab " = Collab
" creepy " = creepy 0.1.92
" CyberGhost VPN_is1 " = CyberGhost VPN Patch 4.6.10
" Download Master_is1 " = Download Master version 5.10.1.1267
" Driver Checker_is1 " = Driver Checker v2.7.4
" Dzielenie i ??czenie plików_is1 " = Dzielenie i ??czenie plików v1.2.2
" EVEREST Ultimate Edition_is1 " = EVEREST Ultimate Edition v5.50
" FBDevil " = Facebook Devil
" Fiddler2 " = Fiddler2
" FL Studio 9 " = FL Studio 9
" Foxit PDF Editor " = Foxit PDF Editor
" Gadu-Gadu 10 " = Gadu-Gadu 10
" Google Updater " = Aktualizator Google
" HD Tune Pro_is1 " = HD Tune Pro 4.61
" HideIPPrivacy " = Hide IP Privacy
" Hot Keyboard Pro_is1 " = Hot Keyboard Pro 3.2
" HP Color LaserJet CP4520 Series PCL6,HP Color LaserJet CP4020 Series PCL6 " = HP Color LaserJet CP4520 Series PCL6,HP Color LaserJet CP4020 Series PCL6
" HP Photo & Imaging " = HP Image Zone 4.7
" HyperCam 3 " = HyperCam 3
" ie8 " = Windows Internet Explorer 8
" IL Download Manager " = IL Download Manager
" Internet Download Manager " = Internet Download Manager
" JDownloader " = JDownloader
" Kamerzysta " = Kamerzysta (deinstalacja)
" Live Redemption Checker " = Live Redemption Checker
" Malwarebytes' Anti-Malware_is1 " = Malwarebytes' Anti-Malware wersja 1.51.1.1800
" Microsoft .NET Framework 3.5 Language Pack - plk " = Pakiet j?zykowy programu Microsoft .NET Framework 3.5 — PLK
" Microsoft .NET Framework 3.5 SP1 " = Microsoft .NET Framework 3.5 SP1
" Microsoft .NET Framework 4 Client Profile " = Microsoft .NET Framework 4 Client Profile
" Microsoft .NET Framework 4 Client Profile PLK Language Pack " = Polski pakiet j?zykowy dla programu Microsoft .NET Framework 4 Client Profile
" Microsoft .NET Framework 4 Extended " = Microsoft .NET Framework 4 Extended
" Microsoft .NET Framework 4 Extended PLK Language Pack " = Polski pakiet j?zykowy dla programu Microsoft .NET Framework 4 Extended
" Microsoft Help Viewer 1.0 " = Microsoft Help Viewer 1.0
" Microsoft SQL Server 10 " = Microsoft SQL Server 2008
" Microsoft SQL Server 10 Release " = Microsoft SQL Server 2008
" Microsoft Visual Basic 2010 Express - ENU " = Microsoft Visual Basic 2010 Express - ENU
" Mobile Partner " = Mobile Partner
" MoorHunt_is1 " = MoorHunt 0.6.7.2
" Mowa Cia?a " = Mowa Cia?a
" Mozilla Firefox 5.0 (x86 pl) " = Mozilla Firefox 5.0 (x86 pl)
" MultiRes (remove only) " = MultiRes (remove only)
" Network Stumbler " = Network Stumbler 0.4.0 (remove only)
" Nokia Ovi Suite " = Nokia Ovi Suite
" Office14.PROPLUS " = Microsoft Office Professional Plus 2010
" OpenAL " = OpenAL
" Opera 11.10.2092 " = Opera 11.10
" PalTalk8.2 " = Paltalk Messenger
" PhotoME Beta-Release_is1 " = PhotoME Beta-Release
" PlatinumHideIP " = Platinum Hide IP
" Radeon Omega Drivers for Windows XP/2kv4.8.442 " = Radeon Omega Drivers v4.8.442 Setup Files and Tools
" RealHideIP " = Real Hide IP
" SHOUTcast " = SHOUTcast DSP Plug-in v2
" SHOUTcast Radio Toolbar " = SHOUTcast Radio Toolbar
" SHOUTcastDSP " = SHOUTcast Source DSP 1.9.1 (remove only)
" SMAC 2.7 " = SMAC 2.7
" SuperHideIP " = Super Hide IP
" Tasker_is1 " = Tasker version 3.13
" TeamSpeak 3 Client " = TeamSpeak 3 Client
" TeamViewer 6 " = TeamViewer 6
" TMACv5.0R3 " = Technitium MAC Address Changer v5.0 Release 3
" TNod " = TNod User & Password Finder
" Total Video Converter 3.50_is1 " = Total Video Converter 3.50
" Toxic Biohazard " = Toxic Biohazard
" TuneUp Utilities 2011 " = TuneUp Utilities 2011
" Uninstall Tool_is1 " = Uninstall Tool
" uTorrent " = uTorrent
" Virtual DJ Pro Full - Atomix Productions " = Virtual DJ Pro Full - Atomix Productions
" VLC media player " = VLC media player 1.1.5
" VMware_Player " = VMware Player
" Wdf01009 " = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
" Winamp " = Winamp
" WinLiveSuite_Wave3 " = Podstawowe programy Windows Live
" WinPcapInst " = WinPcap 4.1.2
" WinRAR archiver " = Archiwizator WinRAR
" Wireshark " = Wireshark 1.4.3
" Wudf01009 " = Microsoft User-Mode Driver Framework Feature Pack 1.9
" XpsEPSC " = XML Paper Specification Shared Components Pack 1.0
" XPSEPSCLP " = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1417001333-838170752-2147085195-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" Counter-Strike " = Counter-Strike
" Google Chrome " = Google Chrome
" Winamp Detect " = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'system_views', because it does not exist or
you do not have permission.

Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'system_objects', because it does not exist
or you do not have permission.

Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'extended_procedures', because it does not
exist or you do not have permission.

Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'views', because it does not exist or you do
not have permission.

Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'tables', because it does not exist or you
do not have permission.

Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'objects', because it does not exist or you
do not have permission.

Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'all_sql_modules', because it does not exist
or you do not have permission.

Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'all_parameters', because it does not exist
or you do not have permission.

Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'all_columns', because it does not exist or
you do not have permission.

Error - 2011-07-29 13:38:39 | Computer Name = SPECIAL-XP | Source = MSSQL$SQLEXPRESS | ID = 15151
Description = Cannot find the object 'all_views', because it does not exist or you
do not have permission.

[ System Events ]
Error - 2011-08-01 10:04:27 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49}

Error - 2011-08-01 10:04:29 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {D05D5AC0-CBDC-43B7-AADB-E3AC4E98CCE9}

Error - 2011-08-01 10:04:29 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {D05D5AC0-CBDC-43B7-AADB-E3AC4E98CCE9}

Error - 2011-08-01 10:04:29 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {D05D5AC0-CBDC-43B7-AADB-E3AC4E98CCE9}

Error - 2011-08-01 10:04:29 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {D05D5AC0-CBDC-43B7-AADB-E3AC4E98CCE9}

Error - 2011-08-01 10:04:30 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49}

Error - 2011-08-01 10:04:33 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49}

Error - 2011-08-01 10:04:35 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49}

Error - 2011-08-01 10:04:38 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49}

Error - 2011-08-01 10:04:42 | Computer Name = SPECIAL-XP | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d „%1058” podczas próby uruchomienia us?ugi
ServiceLayer z argumentami „” w celu uruchomienia serwera: {ACF50018-41F8-476D-85FD-CD953DAE4A49}


& lt; End of report & gt;


Logi.rar > OTL.txt

OTL logfile created on: 2011-08-01 16:21:49 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Documents and Settings\Mateusz\Moje dokumenty\Downloads\Programs
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,25 Gb Total Physical Memory | 0,41 Gb Available Physical Memory | 32,98% Memory free
2,98 Gb Paging File | 2,18 Gb Available in Paging File | 73,10% Paging File free
Paging file location(s): D:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 16,38 Gb Total Space | 5,38 Gb Free Space | 32,82% Space Free | Partition Type: NTFS
Drive D: | 44,20 Gb Total Space | 2,96 Gb Free Space | 6,69% Space Free | Partition Type: NTFS
Drive E: | 38,23 Gb Total Space | 20,21 Gb Free Space | 52,86% Space Free | Partition Type: NTFS
Drive F: | 50,24 Gb Total Space | 36,80 Gb Free Space | 73,25% Space Free | Partition Type: NTFS
Drive H: | 7,78 Mb Total Space | 7,48 Mb Free Space | 96,11% Space Free | Partition Type: FAT

Computer Name: SPECIAL-XP | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-08-01 16:20:20 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Mateusz\Moje dokumenty\Downloads\Programs\OTL.exe
PRC - [2011-07-21 14:01:32 | 000,966,712 | ---- | M] (Nokia) -- D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2011-07-09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2011-06-14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011-05-30 22:19:12 | 000,140,952 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011-05-05 17:25:14 | 003,298,712 | ---- | M] (Tonec Inc.) -- D:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2011-03-30 19:01:50 | 000,671,552 | ---- | M] (TuneUp Software) -- E:\TU2011\TuneUpUtilitiesApp32.exe
PRC - [2011-03-30 19:00:10 | 001,523,008 | ---- | M] (TuneUp Software) -- E:\TU2011\TuneUpUtilitiesService32.exe
PRC - [2011-03-24 22:26:47 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files\uTorrent\uTorrent.exe
PRC - [2010-11-19 18:36:54 | 000,585,728 | ---- | M] (Realtek Semiconductor Corp.) -- D:\WINDOWS\soundman.exe
PRC - [2010-06-24 10:27:12 | 000,810,144 | ---- | M] (ESET) -- D:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010-06-24 10:27:06 | 002,202,704 | ---- | M] (ESET) -- D:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010-05-21 13:56:04 | 000,499,796 | ---- | M] (Atheros) -- D:\WINDOWS\system32\acs.exe
PRC - [2010-05-21 13:55:40 | 000,561,263 | ---- | M] () -- D:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-06-02 20:12:44 | 000,332,284 | ---- | M] (SigmaChip) -- D:\WINDOWS\SGStiMon.exe
PRC - [2008-04-14 22:51:18 | 001,042,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2008-01-23 20:46:50 | 000,606,208 | ---- | M] (TB Labs) -- D:\Program Files\Hot Keyboard\HotKeyb.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-08-01 16:20:20 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Mateusz\Moje dokumenty\Downloads\Programs\OTL.exe
MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2003-03-17 17:09:08 | 000,008,736 | ---- | M] () -- D:\Program Files\Hot Keyboard\hkhook21.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011-06-11 21:25:05 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011-06-08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [Disabled | Stopped] -- D:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-03-31 20:35:39 | 000,008,192 | ---- | M] () [Auto | Stopped] -- D:\WINDOWS\system32\srvany.exe -- (KMService)
SRV - [2011-03-30 19:00:10 | 001,523,008 | ---- | M] (TuneUp Software) [Auto | Running] -- E:\TU2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011-03-30 18:57:40 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- D:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011-02-02 11:57:38 | 002,413,704 | ---- | M] (mobile concepts GmbH) [Disabled | Stopped] -- D:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV - [2010-11-11 13:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- D:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010-11-11 13:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- D:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2010-11-11 13:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- D:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2010-11-11 12:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- D:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010-08-19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- D:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
SRV - [2010-07-22 19:07:05 | 000,814,344 | ---- | M] (ABBYY) [Disabled | Stopped] -- D:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0)
SRV - [2010-06-25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [Disabled | Stopped] -- D:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010-06-24 10:27:54 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-06-24 10:27:12 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- D:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010-05-21 13:56:04 | 000,499,796 | ---- | M] (Atheros) [Auto | Running] -- D:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2008-09-16 11:02:42 | 000,352,312 | ---- | M] (Rosetta Stone Ltd.) [Disabled | Stopped] -- D:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe -- (RosettaStoneLtdController)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-05-30 18:50:32 | 000,101,360 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2011-05-18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011-05-18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011-05-18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011-05-18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011-05-18 10:09:48 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011-05-18 10:09:48 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010-11-21 12:32:52 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-11-19 18:36:51 | 004,122,368 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2010-11-11 13:32:10 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
DRV - [2010-11-11 13:32:08 | 000,854,128 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2010-11-11 13:31:34 | 000,023,792 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\vmparport.sys -- (VMparport)
DRV - [2010-11-11 13:30:34 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2010-11-11 13:29:30 | 000,032,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2010-11-11 13:29:26 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2010-11-11 12:31:28 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2010-11-11 10:04:54 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\vmusb.sys -- (vmusb)
DRV - [2010-11-11 10:04:52 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2010-10-07 14:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- E:\TU2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010-08-19 13:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- D:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2010-06-25 19:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2010-06-24 10:27:22 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2010-06-24 10:26:24 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-05-21 13:56:04 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2010-04-28 09:17:46 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010-04-28 09:17:46 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-04-28 09:17:46 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010-01-05 03:31:32 | 001,714,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2009-06-19 17:40:54 | 000,095,040 | ---- | M] (SiGma Micro) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\SGCam3UVC.sys -- (SG320 Video Capture)
DRV - [2009-03-30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- D:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-08-01 00:42:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2008-05-02 08:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2008-03-17 12:03:46 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-12-05 07:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007-11-05 09:55:04 | 000,017,952 | ---- | M] () [Kernel | System | Running] -- D:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2006-09-01 13:32:50 | 000,003,712 | ---- | M] (Logitech Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2006-07-19 13:29:08 | 000,027,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2006-07-19 13:28:56 | 000,071,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2006-07-19 13:27:26 | 000,013,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2004-03-24 04:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5)
DRV - [2003-09-08 10:06:36 | 000,255,360 | R--- | M] (D-Link) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\AIRPLUS.sys -- (AIRPLUS)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw & s={searchTerms} & f=4
IE - HKLM\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-1417001333-838170752-2147085195-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1417001333-838170752-2147085195-1003\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
IE - HKU\S-1-5-21-1417001333-838170752-2147085195-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: " Ask.com "
FF - prefs.js..browser.search.defaultenginename: " Ask.com "
FF - prefs.js..browser.search.order.1: " Ask.com "
FF - prefs.js..browser.search.selectedEngine: " Google "
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: " http://pl.start3.mozilla.com/firefox?client=firefox-a & rls=org.mozilla:pl:official "
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: support@hideipprivacy.com:1.0
FF - prefs.js..extensions.enabledItems: fiddlerhook@fiddler2.com:2.3.2.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: support@super-hide-ip.com:1.0
FF - prefs.js..extensions.enabledItems: {12e4c684-c03e-4e4d-85bc-0c065e7a9489}:5.23.2.10
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..keyword.URL: " http://search.bearshare.com/web?src=ffb & systemid=2 & q= "
FF - prefs.js..network.proxy.gopher: " "
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: D:\Program Files\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fiddlerhook@fiddler2.com: D:\Program Files\Fiddler2\FiddlerHook [2011-02-13 17:03:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011-07-24 00:51:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011-05-18 19:40:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-12-05 22:17:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: D:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-07-28 15:24:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: D:\Documents and Settings\Mateusz\Dane aplikacji\IDM\idmmzcc3 [2011-06-04 10:20:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: D:\Documents and Settings\Mateusz\Dane aplikacji\IDM\idmmzcc3 [2011-06-04 10:20:47 | 000,000,000 | ---D | M]

[2011-05-06 19:50:11 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions
[2011-02-05 12:03:36 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011-07-31 22:40:43 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions
[2011-03-22 22:43:09 | 000,000,000 | ---D | M] (SHOUTcast Radio Toolbar) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}
[2011-02-05 11:51:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-07-18 17:13:53 | 000,000,000 | ---D | M] (iMacros for Firefox) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011-06-22 16:09:38 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011-05-18 19:40:31 | 000,000,000 | ---D | M] (Download Master Plugin) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\dmpluginff@westbyte.com
[2011-07-18 14:51:21 | 000,000,000 | ---D | M] (Flashbug) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\flashbug@coursevector.com
[2011-07-21 21:03:48 | 000,000,000 | ---D | M] (FlashFirebug) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\flashfirebug@o-minds.com
[2011-02-12 15:57:25 | 000,000,000 | ---D | M] (Hide IP Privacy) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\support@hideipprivacy.com
[2011-02-20 22:18:29 | 000,000,000 | ---D | M] (Super Hide IP) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\support@super-hide-ip.com
[2011-07-31 10:46:39 | 000,000,000 | ---D | M] (Echofon) -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\extensions\twitternotifier@naan.net
[2011-03-24 17:04:32 | 000,002,397 | ---- | M] () -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\searchplugins\askcom.xml
[2010-09-14 14:48:25 | 000,002,506 | ---- | M] () -- D:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\ddxtsclk.default\searchplugins\BearShareWebSearch.xml
[2011-07-26 14:20:51 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011-05-01 10:09:33 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011-07-26 14:20:52 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- D:\DOCUMENTS AND SETTINGS\MATEUSZ\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\DDXTSCLK.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
() (No name found) -- D:\DOCUMENTS AND SETTINGS\MATEUSZ\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\DDXTSCLK.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2010-11-18 16:18:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- D:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-07-24 00:51:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-12-02 19:35:32 | 000,126,064 | ---- | M] (WestByte) -- D:\Program Files\mozilla firefox\plugins\npdm.dll
[2011-03-17 21:57:30 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-09-14 14:48:25 | 000,002,506 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-05-17 21:17:26 | 000,002,048 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-07-31 13:48:06 | 000,000,977 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ntrack.com
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (IE 4.x-6.x BHO for Download Master) - {9961627E-4059-41B4-8E0E-A7D6B3854ADF} - D:\Program Files\Download Master\dmiehlp.dll (WestByte)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SHOUTcast Loader) - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (SHOUTcast Radio Toolbar) - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1417001333-838170752-2147085195-1003\..\Toolbar\WebBrowser: (SHOUTcast Radio Toolbar) - {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} - D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
O4 - HKLM..\Run: [AtiPTA] D:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [egui] D:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NokiaMServer] D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [SGCameraMonitor] D:\WINDOWS\SGStiMon.exe (SigmaChip)
O4 - HKLM..\Run: [SoundMan] D:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TNOD UP] D:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team)
O4 - HKLM..\Run: [TWCU] D:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe ()
O4 - HKU\S-1-5-21-1417001333-838170752-2147085195-1003..\Run: [] File not found
O4 - HKU\S-1-5-21-1417001333-838170752-2147085195-1003..\Run: [Hot Keyboard] D:\Program Files\Hot Keyboard\HotKeyb.exe (TB Labs)
O4 - HKU\S-1-5-21-1417001333-838170752-2147085195-1003..\Run: [NokiaOviSuite2] D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1417001333-838170752-2147085195-1003..\Run: [uTorrent] D:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\PalTalk.lnk = D:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun: NoDriveTypeAutoRun = 177
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1417001333-838170752-2147085195-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O8 - Extra context menu item: & SHOUTcast Search - D:\Documents and Settings\All Users\Dane aplikacji\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Assign & hot key - D:\Program Files\Hot Keyboard Pro\IEScript.htm ()
O8 - Extra context menu item: Ç???÷??ü Â?? ??? ?î?î?? Download Master - D:\Program Files\Download Master\dmieall.htm ()
O8 - Extra context menu item: Ç???÷??ü ??? ?î?î?? Download Master - D:\Program Files\Download Master\dmie.htm ()
O8 - Extra context menu item: ????ä??ü í? óä?ë?ííó? ç???÷?ó DM - D:\Program Files\Download Master\remdown.htm ()
O8 - Extra context menu item: E & ksportuj do programu Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Œci?gnij przez IDM - D:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Œci?gnij wszystkie linki przez IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Wyœlij & do programu OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: ???????? ??? ??? ?????? Download Master - D:\Program Files\Download Master\dmieall.htm ()
O8 - Extra context menu item: ???????? ??? ?????? Download Master - D:\Program Files\Download Master\dmie.htm ()
O8 - Extra context menu item: ???????? ?? ????????? ??????? DM - D:\Program Files\Download Master\remdown.htm ()
O9 - Extra Button: Wyœlij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyœlij & do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - D:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: & Notatki po??czone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : & Notatki po??czone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - D:\Program Files\Download Master\dmaster.exe (WestByte)
O9 - Extra 'Tools' menuitem : & Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - D:\Program Files\Download Master\dmaster.exe (WestByte)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - D:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - D:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1292361887140 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bie??ca strona g?ówna) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\cyberghost.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\finereader.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\googleapps.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\googleupdater.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\groove.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\javaw.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\javaws.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\misc.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\paltalk.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\presentationhost.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\remotesupport.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\uninstall.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\vmplayer.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O27 - HKLM IFEO\Winword.exe: Debugger - " E:\TU2011\TUAutoReactivator32.exe " (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{603b1dc5-2d46-11e0-8d0c-00119504c8ba}\Shell - " " = AutoRun
O33 - MountPoints2\{603b1dc5-2d46-11e0-8d0c-00119504c8ba}\Shell\AutoRun\command - " " = J:\AutoRun.exe
O33 - MountPoints2\{603b1dc9-2d46-11e0-8d0c-00119504c8ba}\Shell - " " = AutoRun
O33 - MountPoints2\{603b1dc9-2d46-11e0-8d0c-00119504c8ba}\Shell\AutoRun\command - " " = J:\AutoRun.exe
O33 - MountPoints2\{d56f888e-29fc-11e0-8cfd-00119504c8ba}\Shell - " " = AutoRun
O33 - MountPoints2\{d56f888e-29fc-11e0-8cfd-00119504c8ba}\Shell\AutoRun\command - " " = J:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d56f8891-29fc-11e0-8cfd-00119504c8ba}\Shell - " " = AutoRun
O33 - MountPoints2\{d56f8891-29fc-11e0-8cfd-00119504c8ba}\Shell\AutoRun\command - " " = J:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d8cc129c-3143-11e0-8d1f-00119504c8ba}\Shell - " " = AutoRun
O33 - MountPoints2\{d8cc129c-3143-11e0-8d1f-00119504c8ba}\Shell\AutoRun\command - " " = J:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d8cc129d-3143-11e0-8d1f-00119504c8ba}\Shell - " " = AutoRun
O33 - MountPoints2\{d8cc129d-3143-11e0-8d1f-00119504c8ba}\Shell\AutoRun\command - " " = J:\AutoRun.exe
O33 - MountPoints2\{fc060e16-2e14-11e0-8d0f-00119504c8ba}\Shell - " " = AutoRun
O33 - MountPoints2\{fc060e16-2e14-11e0-8d0f-00119504c8ba}\Shell\AutoRun\command - " " = J:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- " %1 " %*
O35 - HKLM\..exefile [open] -- " %1 " %*
O37 - HKLM\...com [@ = comfile] -- " %1 " %*
O37 - HKLM\...exe [@ = exefile] -- " %1 " %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-07-31 22:57:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Dane aplikacji\HD Tune Pro
[2011-07-31 22:55:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\HD Tune Pro
[2011-07-31 22:55:46 | 000,000,000 | ---D | C] -- D:\Program Files\HD Tune Pro
[2011-07-30 12:47:01 | 000,000,000 | -H-D | C] -- D:\WINDOWS\Icons
[2011-07-29 19:33:33 | 000,050,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
[2011-07-29 19:33:01 | 000,079,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
[2011-07-29 19:30:33 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\RsFx
[2011-07-29 19:26:56 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Visual Studio 9.0
[2011-07-29 19:21:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Microsoft SQL Server 2008
[2011-07-29 19:12:16 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft SQL Server
[2011-07-29 19:09:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Moje dokumenty\Visual Studio 2010
[2011-07-29 19:08:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Visual Studio 2010 Express
[2011-07-29 19:04:26 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft SDKs
[2011-07-29 19:04:26 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Help Viewer
[2011-07-29 14:00:45 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 4.0
[2011-07-28 15:52:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Pulpit\Wszystko z pulpitu
[2011-07-28 15:32:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Moje dokumenty\Ovi
[2011-07-28 15:32:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-07-28 15:32:15 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\LogFiles
[2011-07-28 15:32:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\NokiaAccount
[2011-07-28 15:30:33 | 000,016,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spmsgXP_2k3.dll
[2011-07-28 15:28:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Nokia
[2011-07-28 15:27:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-07-28 15:27:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Dane aplikacji\PC Suite
[2011-07-28 15:27:36 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Nokia
[2011-07-28 15:24:43 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Nokia
[2011-07-28 15:24:09 | 000,000,000 | ---D | C] -- D:\Program Files\DIFX
[2011-07-28 15:24:08 | 000,018,816 | ---- | C] (Nokia) -- D:\WINDOWS\System32\drivers\pccsmcfd.sys
[2011-07-28 15:23:55 | 000,000,000 | ---D | C] -- D:\Program Files\PC Connectivity Solution
[2011-07-28 15:23:40 | 000,008,576 | ---- | C] (Nokia) -- D:\WINDOWS\System32\drivers\nmwcdnsuc.sys
[2011-07-28 15:23:38 | 000,137,600 | ---- | C] (Nokia) -- D:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2011-07-28 15:23:35 | 000,008,192 | ---- | C] (Nokia) -- D:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2011-07-28 15:23:33 | 000,008,192 | ---- | C] (Nokia) -- D:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2011-07-28 15:23:31 | 000,023,168 | ---- | C] (Nokia) -- D:\WINDOWS\System32\drivers\ccdcmbo.sys
[2011-07-28 15:23:22 | 000,018,176 | ---- | C] (Nokia) -- D:\WINDOWS\System32\drivers\ccdcmb.sys
[2011-07-28 15:23:21 | 001,461,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wdfcoinstaller01009.dll
[2011-07-28 15:23:21 | 000,605,696 | ---- | C] (Nokia) -- D:\WINDOWS\System32\nmwcdcocls.dll
[2011-07-28 15:23:21 | 000,123,904 | ---- | C] (Nokia) -- D:\WINDOWS\System32\ccdcmbwu.dll
[2011-07-28 15:23:18 | 000,075,264 | ---- | C] (Nokia) -- D:\WINDOWS\System32\nmwcdcls.dll
[2011-07-28 15:21:31 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 6.0
[2011-07-28 15:20:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2011-07-28 15:20:58 | 000,000,000 | ---D | C] -- D:\Program Files\Nokia
[2011-07-26 14:27:21 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java
[2011-07-26 14:20:50 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\javaws.exe
[2011-07-26 14:20:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\javaw.exe
[2011-07-26 14:20:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- D:\WINDOWS\System32\java.exe
[2011-07-22 21:16:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Hot Keyboard
[2011-07-22 21:15:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Hot Keyboard Pro Backup
[2011-07-22 21:15:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Hot Keyboard Pro
[2011-07-22 21:15:40 | 000,000,000 | ---D | C] -- D:\Program Files\Hot Keyboard Pro
[2011-07-22 16:53:44 | 000,000,000 | ---D | C] -- D:\Program Files\Hot Keyboard
[2011-07-22 16:21:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\FBP - Facebook Blaster Pro
[2011-07-22 11:27:53 | 000,000,000 | ---D | C] -- D:\Program Files\FBP - Facebook Blaster Pro
[2011-07-20 21:31:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\MoorHunt
[2011-07-20 21:31:53 | 000,000,000 | ---D | C] -- D:\Program Files\MoorHunt
[2011-07-18 17:59:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\AutoIt v3
[2011-07-18 17:59:10 | 000,000,000 | ---D | C] -- D:\Program Files\AutoIt3
[2011-07-18 17:14:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Moje dokumenty\iMacros
[2011-07-16 17:05:36 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mateusz\Dane aplikacji\framezoo.com
[2011-07-16 17:05:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\FBDevil
[2011-07-16 17:05:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\framezoo.com
[2011-07-16 17:05:27 | 000,000,000 | ---D | C] -- D:\Program Files\FBDevil
[2011-07-13 10:55:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Start\Programy\Foxit PDF Editor
[2011-07-10 21:34:23 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[3 D:\WINDOWS\*.tmp files - & gt; D:\WINDOWS\*.tmp - & gt; ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-08-01 16:24:00 | 000,001,038 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-01 16:18:10 | 000,000,466 | -H-- | M] () -- D:\WINDOWS\tasks\User_Feed_Synchronization-{6CA68775-2F9C-4476-9C9B-B06F1E0BC74C}.job
[2011-08-01 16:01:29 | 000,001,034 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-01 16:01:04 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2011-07-31 22:55:48 | 000,000,708 | ---- | M] () -- D:\Documents and Settings\Mateusz\Pulpit\HD Tune Pro.lnk
[2011-07-31 22:43:10 | 000,000,034 | ---- | M] () -- D:\Documents and Settings\Mateusz\mm.cfg
[2011-07-31 15:33:33 | 000,001,154 | ---- | M] () -- D:\Documents and Settings\Mateusz\Moje dokumenty\ax_files.xml
[2011-07-30 22:21:25 | 001,228,854 | ---- | M] () -- D:\Documents and Settings\Mateusz\Pulpit\Photo_00020.bmp
[2011-07-30 20:13:12 | 000,001,140 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-838170752-2147085195-1003UA.job
[2011-07-30 20:13:12 | 000,001,088 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-838170752-2147085195-1003Core.job
[2011-07-30 01:03:58 | 000,000,972 | ---- | M] () -- D:\WINDOWS\tasks\Google Software Updater.job
[2011-07-29 19:33:35 | 000,629,616 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat
[2011-07-29 19:33:35 | 000,567,220 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2011-07-29 19:33:35 | 000,134,244 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat
[2011-07-29 19:33:35 | 000,113,112 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2011-07-28 15:32:27 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2011-07-28 15:32:18 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2011-07-28 15:30:57 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011-07-28 15:30:55 | 000,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2011-07-28 15:30:55 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011-07-26 15:13:04 | 004,489,004 | ---- | M] () -- D:\Documents and Settings\Mateusz\Moje dokumenty\ts3_recording_11_07_26_15_12_38.wav
[2011-07-22 12:13:02 | 000,034,308 | ---- | M] () -- D:\WINDOWS\System32\BASSMOD.dll
[2011-07-20 10:41:17 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2011-07-18 18:00:58 | 000,000,113 | ---- | M] () -- D:\Documents and Settings\Mateusz\SciTE.session
[2011-07-18 14:47:43 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011-07-14 15:41:06 | 000,038,412 | ---- | M] () -- D:\Documents and Settings\Mateusz\Moje dokumenty\charlie.jpg
[2011-07-13 11:52:05 | 000,279,744 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2011-07-13 10:17:28 | 000,002,318 | ---- | M] () -- D:\Documents and Settings\Mateusz\Pulpit\Google Chrome.lnk
[2011-07-09 23:54:22 | 000,000,165 | ---- | M] () -- D:\WINDOWS\System32\spupdsvc.inf
[2011-07-06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[3 D:\WINDOWS\*.tmp files - & gt; D:\WINDOWS\*.tmp - & gt; ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-07-31 22:55:48 | 000,000,708 | ---- | C] () -- D:\Documents and Settings\Mateusz\Pulpit\HD Tune Pro.lnk
[2011-07-30 22:21:45 | 001,228,854 | ---- | C] () -- D:\Documents and Settings\Mateusz\Pulpit\Photo_00020.bmp
[2011-07-30 15:54:00 | 000,289,558 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-07-28 15:32:27 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2011-07-28 15:32:18 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2011-07-28 15:30:57 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011-07-28 15:30:55 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011-07-26 15:12:41 | 004,489,004 | ---- | C] () -- D:\Documents and Settings\Mateusz\Moje dokumenty\ts3_recording_11_07_26_15_12_38.wav
[2011-07-18 18:00:58 | 000,000,113 | ---- | C] () -- D:\Documents and Settings\Mateusz\SciTE.session
[2011-07-18 14:43:58 | 000,000,034 | ---- | C] () -- D:\Documents and Settings\Mateusz\mm.cfg
[2011-07-09 23:54:22 | 000,000,165 | ---- | C] () -- D:\WINDOWS\System32\spupdsvc.inf
[2011-05-06 21:15:41 | 000,593,920 | ---- | C] () -- D:\WINDOWS\System32\ati2sgag.exe
[2011-05-06 21:14:02 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\atiiprxx.exe
[2011-05-06 21:13:57 | 003,107,788 | ---- | C] () -- D:\WINDOWS\System32\ativvaxx.dat
[2011-05-06 21:13:57 | 003,107,788 | ---- | C] () -- D:\WINDOWS\System32\ativva5x.dat
[2011-05-06 21:13:57 | 000,887,724 | ---- | C] () -- D:\WINDOWS\System32\ativva6x.dat
[2011-05-06 21:13:57 | 000,158,080 | ---- | C] () -- D:\WINDOWS\System32\atiicdxx.dat
[2011-05-06 21:13:55 | 000,000,011 | ---- | C] () -- D:\WINDOWS\System32\atiicdxx.ini
[2011-05-06 21:13:40 | 000,472,576 | ---- | C] () -- D:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe
[2011-05-06 20:41:09 | 000,000,010 | ---- | C] () -- D:\WINDOWS\WININIT.INI
[2011-04-01 13:03:11 | 000,262,216 | ---- | C] () -- D:\WINDOWS\System32\IPTests.dll
[2011-04-01 13:02:27 | 000,422,000 | ---- | C] () -- D:\WINDOWS\System32\wgapi.dll
[2011-04-01 13:02:27 | 000,077,824 | ---- | C] () -- D:\WINDOWS\System32\wgapiloc.dll
[2011-03-31 20:36:09 | 000,008,192 | ---- | C] () -- D:\WINDOWS\System32\srvany.exe
[2011-03-09 18:37:07 | 000,614,412 | ---- | C] () -- D:\WINDOWS\YUY2.bin
[2011-03-07 21:58:10 | 000,000,001 | ---- | C] () -- D:\WINDOWS\SGXuData.dat
[2011-03-07 21:54:04 | 000,098,304 | ---- | C] () -- D:\WINDOWS\System32\Coinstall.dll
[2011-02-13 16:49:04 | 000,004,979 | ---- | C] () -- D:\Documents and Settings\All Users\Dane aplikacji\zcqodmdk.jli
[2011-02-12 15:10:54 | 000,000,132 | ---- | C] () -- D:\Documents and Settings\Mateusz\Dane aplikacji\Adobe GIF Format CS5 Prefs
[2011-02-10 18:06:05 | 000,000,282 | ---- | C] () -- D:\WINDOWS\w32dasm8.ini
[2011-02-07 22:55:29 | 000,163,840 | ---- | C] () -- D:\WINDOWS\System32\ArtFfct.dll
[2011-02-07 00:26:20 | 000,827,392 | ---- | C] () -- D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Vodafone Mobile Connect.msi
[2011-02-07 00:26:20 | 000,003,584 | ---- | C] () -- D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\2057.MST
[2011-02-05 01:31:17 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2011-02-01 21:30:23 | 000,000,114 | ---- | C] () -- D:\WINDOWS\winzipme.ini
[2011-02-01 21:29:48 | 000,155,648 | ---- | C] () -- D:\WINDOWS\System32\addurl41.DLL
[2011-02-01 21:29:48 | 000,018,432 | ---- | C] () -- D:\WINDOWS\System32\winwatch.DLL
[2011-01-22 22:51:32 | 000,034,308 | ---- | C] () -- D:\WINDOWS\System32\BASSMOD.dll
[2010-11-28 11:50:12 | 000,068,903 | ---- | C] () -- D:\WINDOWS\hpoins05.dat
[2010-11-28 11:50:12 | 000,019,696 | ---- | C] () -- D:\WINDOWS\hpomdl05.dat
[2010-11-23 19:29:09 | 000,000,600 | ---- | C] () -- D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2010-11-21 15:34:45 | 000,000,056 | -H-- | C] () -- D:\WINDOWS\System32\ezsidmv.dat
[2010-11-19 22:42:12 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010-11-19 22:32:54 | 000,000,000 | ---- | C] () -- D:\WINDOWS\ativpsrm.bin
[2010-11-19 18:38:19 | 000,049,152 | ---- | C] () -- D:\WINDOWS\System32\ChCfg.exe
[2010-11-19 18:37:52 | 000,147,456 | ---- | C] () -- D:\WINDOWS\System32\RtlCPAPI.dll
[2010-11-19 15:43:16 | 000,012,288 | ---- | C] () -- D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-18 16:48:09 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2010-11-18 16:46:33 | 000,279,744 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-11-18 16:10:50 | 000,040,636 | R--- | C] () -- D:\WINDOWS\System32\drivers\WLANGEN.bin
[2010-11-18 16:10:50 | 000,000,964 | R--- | C] () -- D:\WINDOWS\System32\drivers\RADIO11.bin
[2010-11-18 16:10:50 | 000,000,936 | R--- | C] () -- D:\WINDOWS\System32\drivers\RADIO0d.bin
[2010-11-18 16:10:50 | 000,000,912 | R--- | C] () -- D:\WINDOWS\System32\drivers\RADIO15.bin
[2010-11-18 15:57:53 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2010-11-18 15:57:02 | 000,050,105 | ---- | C] () -- D:\WINDOWS\activ.exe
[2010-11-18 15:53:07 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010-06-25 19:03:12 | 000,053,299 | ---- | C] () -- D:\WINDOWS\System32\pthreadVC.dll
[2008-05-03 09:24:01 | 000,000,082 | ---- | C] () -- D:\WINDOWS\System32\oeminfo.ini
[2008-04-14 23:16:20 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\Dcache.bin
[2006-12-31 08:57:08 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2001-10-26 18:15:16 | 000,629,616 | ---- | C] () -- D:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- D:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,134,244 | ---- | C] () -- D:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- D:\WINDOWS\System32\perfd015.dat
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2001-08-17 23:30:24 | 000,567,220 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,113,112 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-06-29 16:36:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Aiseesoft Studio
[2010-12-27 15:24:03 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2010-11-21 12:32:34 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-12 15:56:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\D__DOCUME~1_Mateusz_USTAWI~1_Temp_Rar$EX03.578_Hide IP Privacy v2.4.6.8 - by BoDiE2003_Crack_HideIPPrivacy.exe
[2010-12-05 22:17:47 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ESET
[2011-07-16 17:05:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\framezoo.com
[2011-06-26 23:27:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\F__Hide.IP.Easy.v5.0.8.2.WinAll.Cracked-FAnTAST_FAnTAST_HideIPEasy.exe
[2010-11-21 19:55:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-02-12 15:57:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\HideIPPrivacy
[2011-07-28 15:32:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-07-28 15:20:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2011-01-07 12:05:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-07-28 15:31:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-05-03 14:56:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PhotoME
[2011-06-27 10:39:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PlatinumHideIP
[2010-12-12 22:21:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe
[2011-07-31 15:31:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Rosetta Stone
[2011-06-11 21:25:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\RosettaStoneLtdServices
[2011-01-22 22:52:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Screaming Bee
[2011-03-22 22:25:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\SHOUTcast Radio Toolbar
[2011-02-20 22:17:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\SuperHideIP
[2011-04-01 13:02:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TP-LINK
[2010-12-04 17:36:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2011-01-28 12:57:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Vodafone
[2010-12-04 17:34:38 | 000,000,000 | -HSD | M] -- D:\Documents and Settings\All Users\Dane aplikacji\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011-04-26 00:19:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software
[2011-01-27 12:16:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Dane aplikacji\Vodafone
[2011-05-29 11:12:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\.minecraft
[2010-12-27 15:24:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Ashampoo
[2010-11-18 16:49:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\AutoUpdate
[2011-03-30 21:04:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\bsbandmltbpi
[2010-11-21 12:36:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite
[2011-07-31 23:11:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\DMCache
[2011-05-19 15:12:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Download Master
[2011-02-12 15:56:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\D__DOCUME~1_Mateusz_USTAWI~1_Temp_Rar$EX03.578_Hide IP Privacy v2.4.6.8 - by BoDiE2003_Crack_HideIPPrivacy.exe
[2010-12-05 22:19:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\ESET
[2011-07-15 22:13:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\EurekaLog
[2010-11-23 00:29:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\eXPert PDF Editor
[2011-05-18 16:35:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\facemoods.com
[2011-07-16 17:05:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\framezoo.com
[2011-06-26 23:27:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\F__Hide.IP.Easy.v5.0.8.2.WinAll.Cracked-FAnTAST_FAnTAST_HideIPEasy.exe
[2011-05-15 21:58:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Gadu-Gadu 10
[2011-07-31 22:57:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\HD Tune Pro
[2011-02-12 15:57:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\HideIPPrivacy
[2011-07-22 21:16:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Hot Keyboard
[2011-07-23 10:49:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Hot Keyboard Pro Backup
[2011-06-29 14:13:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\IDM
[2011-05-06 07:37:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\IVONA ControlCenter
[2011-02-06 00:26:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Kamerzysta
[2010-12-07 20:53:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\ManyCam
[2011-04-29 18:40:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\n-Track Software Data
[2011-06-25 21:34:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\n-Track Studio6
[2011-02-19 23:24:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\OfferBox
[2011-01-07 11:46:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM
[2011-02-06 12:16:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Opera
[2011-05-31 12:12:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Paltalk
[2011-07-28 15:32:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\PC Suite
[2011-06-27 10:39:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\PlatinumHideIP
[2011-01-22 22:52:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Screaming Bee
[2011-04-26 19:40:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Sinvise Systems
[2011-04-13 01:23:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Solveig Multimedia
[2011-02-20 22:17:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\SuperHideIP
[2011-04-27 11:13:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\TeamViewer
[2011-02-08 21:37:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\The Bat!
[2011-02-05 12:03:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Thunderbird
[2010-11-23 19:21:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\TightVNC
[2011-05-15 11:09:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client
[2011-06-18 19:45:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\ts3overlay
[2011-05-19 15:30:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\TuneUp Software
[2011-08-01 16:22:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent
[2011-01-27 12:16:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Vodafone
[2010-12-07 21:03:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\WebcamMax
[2011-02-13 16:57:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Mateusz\Dane aplikacji\Wireshark
[2011-08-01 16:18:10 | 000,000,466 | -H-- | M] () -- D:\WINDOWS\Tasks\User_Feed_Synchronization-{6CA68775-2F9C-4476-9C9B-B06F1E0BC74C}.job

[color=#E56717]========== Purity Check ==========[/color]



& lt; End of report & gt;


Logi.rar > MBRCheck_08.01.11_21.59.36.txt

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Dodatek Service Pack 3 (build 2600)
Logical Drives Mask: 0x000003fc

Kernel Drivers (total 141):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EF000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF7373000 spiu.sys
0xF7989000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xF735B000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xF732C000 ACPI.sys
0xF731B000 pci.sys
0xF7487000 isapnp.sys
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7497000 MountMgr.sys
0xF72FC000 ftdisk.sys
0xF798B000 dmload.sys
0xF72D6000 dmio.sys
0xF770F000 PartMgr.sys
0xF74A7000 VolSnap.sys
0xF72BE000 atapi.sys
0xF74B7000 Si3112.sys
0xF74C7000 disk.sys
0xF74D7000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF729E000 fltMgr.sys
0xF728C000 sr.sys
0xF74E7000 PxHelp20.sys
0xF7275000 KSecDD.sys
0xF725E000 WudfPf.sys
0xF71D1000 Ntfs.sys
0xF71A4000 NDIS.sys
0xF718A000 Mup.sys
0xF7527000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF6E57000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xF6E43000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF77AF000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xF6E1F000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF77B7000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF7637000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7647000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7657000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF6DFC000 \SystemRoot\system32\DRIVERS\ks.sys
0xF6A0D000 \SystemRoot\system32\drivers\ALCXWDM.SYS
0xF69E9000 \SystemRoot\system32\drivers\portcls.sys
0xF7677000 \SystemRoot\system32\drivers\drmk.sys
0xF69B2000 \SystemRoot\System32\Drivers\a0qu2xmc.SYS
0xF6979000 \SystemRoot\System32\Drivers\a265vs0i.SYS
0xF7687000 \SystemRoot\system32\DRIVERS\serial.sys
0xF7957000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF6965000 \SystemRoot\system32\DRIVERS\parport.sys
0xF7697000 \SystemRoot\system32\DRIVERS\Epfwndis.sys
0xF7B9C000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF76A7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF795F000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF694E000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF76B7000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF76C7000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7747000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF693D000 \SystemRoot\system32\DRIVERS\psched.sys
0xF76D7000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF774F000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7757000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF690D000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF76E7000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF775F000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7767000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF79B5000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF67E7000 \SystemRoot\system32\DRIVERS\update.sys
0xF797B000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF7617000 \SystemRoot\system32\DRIVERS\wsimd.sys
0xF7667000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7547000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79B7000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF79BD000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7BD4000 \SystemRoot\System32\Drivers\Null.SYS
0xF79BF000 \SystemRoot\System32\Drivers\Beep.SYS
0xAA7B7000 \SystemRoot\system32\DRIVERS\ehdrv.sys
0xF77DF000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xF780F000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF781F000 \SystemRoot\System32\drivers\vga.sys
0xF79CD000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF79CF000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF782F000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7837000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7947000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAA784000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xAA72B000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xAA719000 \SystemRoot\system32\DRIVERS\epfwtdi.sys
0xAA6F3000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF75F7000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xAA6CB000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF795B000 \SystemRoot\System32\drivers\ws2ifsl.sys
0xAA681000 \SystemRoot\System32\drivers\afd.sys
0xF7607000 \SystemRoot\system32\DRIVERS\netbios.sys
0xAA656000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAA5E6000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xAA5CF000 \SystemRoot\system32\DRIVERS\idmtdi.sys
0xF7627000 \SystemRoot\System32\Drivers\Fips.SYS
0xF6905000 \??\D:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys
0xAA42C000 \SystemRoot\system32\DRIVERS\athuw.sys
0xAA7F2000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF68B5000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF7943000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xF788F000 \??\D:\WINDOWS\system32\drivers\VMkbd.sys
0xAA6C3000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xAA3E0000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xAA3C8000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF79E9000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xAA418000 \SystemRoot\System32\drivers\Dxapi.sys
0xF7727000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7BA1000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF058000 \SystemRoot\System32\ati2cqag.dll
0xBF0D2000 \SystemRoot\System32\atikvmag.dll
0xBF140000 \SystemRoot\System32\atiok3x2.dll
0xBF170000 \SystemRoot\System32\ati3duag.dll
0xBF478000 \SystemRoot\System32\ativvaxx.dll
0xBF609000 \SystemRoot\System32\ATMFD.DLL
0xAA141000 \SystemRoot\system32\DRIVERS\eamon.sys
0xAA0F7000 \SystemRoot\system32\DRIVERS\epfw.sys
0xF77CF000 \SystemRoot\system32\DRIVERS\vmnetbridge.sys
0xAA320000 \SystemRoot\system32\DRIVERS\VMNET.SYS
0xA9EB2000 \SystemRoot\system32\drivers\wdmaud.sys
0xF7587000 \SystemRoot\system32\drivers\sysaudio.sys
0xA9C9A000 \??\D:\WINDOWS\system32\drivers\hcmon.sys
0xF7A3D000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xA9C1A000 \??\D:\WINDOWS\system32\Drivers\vmci.sys
0xF77EF000 \??\D:\WINDOWS\system32\Drivers\VMparport.sys
0xA9B02000 \??\D:\WINDOWS\system32\Drivers\vmx86.sys
0xF7ACB000 \SystemRoot\System32\Drivers\LBeepKE.sys
0xA98AE000 \SystemRoot\system32\DRIVERS\srv.sys
0xF7817000 \SystemRoot\system32\drivers\npf.sys
0xF773F000 \??\D:\WINDOWS\system32\drivers\vmnetuserif.sys
0xA9AF6000 \??\D:\Program Files\VMware\VMware Player\vstor2-ws60.sys
0xA9736000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF7BC5000 \??\E:\TU2011\TuneUpUtilitiesDriver32.sys
0xA8ACE000 \SystemRoot\System32\Drivers\HTTP.sys
0xA93BE000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA81E4000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll
0x10000000 \Program Files\Alcohol Soft\Alcohol 120\Alcoholx.dll

Processes (total 60):
0 System Idle Process
4 System
504 D:\WINDOWS\system32\smss.exe
1576 csrss.exe
280 D:\WINDOWS\system32\winlogon.exe
988 D:\WINDOWS\system32\services.exe
1032 D:\WINDOWS\system32\lsass.exe
1796 D:\WINDOWS\system32\ati2evxx.exe
1864 D:\WINDOWS\system32\svchost.exe
340 svchost.exe
592 D:\WINDOWS\system32\svchost.exe
680 D:\WINDOWS\system32\svchost.exe
700 D:\WINDOWS\system32\ati2evxx.exe
1184 svchost.exe
1688 svchost.exe
1976 D:\WINDOWS\system32\spoolsv.exe
412 D:\WINDOWS\system32\acs.exe
924 D:\WINDOWS\explorer.exe
1712 D:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
160 D:\Program Files\ESET\ESET Smart Security\ekrn.exe
1752 sqlservr.exe
1012 D:\WINDOWS\system32\svchost.exe
1404 D:\WINDOWS\system32\svchost.exe
1552 D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
1696 D:\WINDOWS\system32\svchost.exe
720 E:\TU2011\TuneUpUtilitiesService32.exe
3060 D:\WINDOWS\soundman.exe
3428 D:\Program Files\ESET\ESET Smart Security\egui.exe
3808 D:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
1264 D:\Program Files\Common Files\Java\Java Update\jusched.exe
1892 D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
2124 D:\Program Files\Hot Keyboard\HotKeyb.exe
2396 D:\WINDOWS\system32\ctfmon.exe
2536 D:\Program Files\uTorrent\uTorrent.exe
2964 D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
2708 E:\TU2011\TuneUpUtilitiesApp32.exe
448 alg.exe
468 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
3224 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
2756 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
2804 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
2828 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
3324 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
2896 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
2228 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
2544 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
1248 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
232 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
2748 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
3040 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
1496 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
3632 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
1336 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
2092 D:\Program Files\Internet Download Manager\IDMan.exe
2532 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
516 D:\WINDOWS\system32\taskmgr.exe
3592 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
2084 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
3876 D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
3768 D:\Documents and Settings\Mateusz\Moje dokumenty\Downloads\Programs\MBRCheck.exe

\\.\C: -- & gt; \\.\PhysicalDrive0 at offset 0x00000000`007e0000 (NTFS)
\\.\D: -- & gt; \\.\PhysicalDrive0 at offset 0x00000004`18ad3e00 (NTFS)
\\.\E: -- & gt; \\.\PhysicalDrive0 at offset 0x0000000f`2581c800 (NTFS)
\\.\F: -- & gt; \\.\PhysicalDrive0 at offset 0x00000018`b3edc400 (NTFS)
\\.\H: -- & gt; \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (FAT)

PhysicalDrive0 Model Number: ST3160815A, Rev: 3.AAD

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: 858845D53EA37CAD905BAB010542C912FBC33C8C


Done!


Logi.rar > Startup Programs (SPECIAL-XP) 2011-08-01 16.34.48.txt

" Silent Runners.vbs " , revision 63, http://www.silentrunners.org/
Operating System: Windows XP SP3
Output limited to non-default values, except where indicated by " {++} "


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
" Hot Keyboard " = " D:\Program Files\Hot Keyboard\HotKeyb.exe -minimized " [ " TB Labs " ]
" ctfmon.exe " = " D:\WINDOWS\system32\ctfmon.exe " [MS]
" uTorrent " = " " D:\Program Files\uTorrent\uTorrent.exe " " [ " BitTorrent, Inc. " ]
" (Default) " = " (empty string) " [file not found]
" NokiaOviSuite2 " = " D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray " [ " Nokia " ]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
" SoundMan " = " SOUNDMAN.EXE " [ " Realtek Semiconductor Corp. " ]
" egui " = " " D:\Program Files\ESET\ESET Smart Security\egui.exe " /hide /waitservice " [ " ESET " ]
" SGCameraMonitor " = " D:\WINDOWS\SGStiMon.exe " [ " SigmaChip " ]
" TWCU " = " " D:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe " -nogui " [null data]
" TNOD UP " = " " D:\Program Files\TNod User & Password Finder\TNODUP.exe " /i " [ " Tukero[X]Team " ]
" AtiPTA " = " atiptaxx.exe " [ " ATI Technologies, Inc. " ]
" SunJavaUpdateSched " = " " D:\Program Files\Common Files\Java\Java Update\jusched.exe " " [ " Sun Microsystems, Inc. " ]
" NokiaMServer " = " D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup " [ " Nokia " ]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = " IDM Helper "
- & gt; {HKLM...CLSID} = " IDM integration (IDMIEHlprObj Class) "
\InProcServer32\(Default) = " D:\Program Files\Internet Download Manager\IDMIECC.dll " [ " Internet Download Manager, Tonec Inc. " ]

{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided)
- & gt; {HKLM...CLSID} = " Groove GFS Browser Helper "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
- & gt; {HKLM...CLSID} = " Pomocnik rejestracji us?ugi Windows Live "
\InProcServer32\(Default) = " D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll " [MS]

{9961627E-4059-41B4-8E0E-A7D6B3854ADF}\(Default) = (no title provided)
- & gt; {HKLM...CLSID} = " IE 4.x-6.x BHO for Download Master "
\InProcServer32\(Default) = " D:\PROGRA~1\DOWNLO~1\dmiehlp.dll " [ " WestByte " ]

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = " SkypeIEPluginBHO "
- & gt; {HKLM...CLSID} = " Skype Plug-In "
\InProcServer32\(Default) = " D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll " [ " Skype Technologies S.A. " ]

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)
- & gt; {HKLM...CLSID} = " Google Toolbar Notifier BHO "
\InProcServer32\(Default) = " D:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll " [ " Google Inc. " ]

{B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = " URLRedirectionBHO "
- & gt; {HKLM...CLSID} = " Office Document Cache Handler "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL " [MS]

{ccec60fc-2608-4e58-9659-3ffc159e8ea9}\(Default) = " SHOUTcast Loader "
- & gt; {HKLM...CLSID} = " SHOUTcast Loader "
\InProcServer32\(Default) = " D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll " [ " AOL LLC " ]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
- & gt; {HKLM...CLSID} = " Java(tm) Plug-In 2 SSV Helper "
\InProcServer32\(Default) = " D:\Program Files\Java\jre6\bin\jp2ssv.dll " [ " Sun Microsystems, Inc. " ]

{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = " JQSIEStartDetectorImpl "
- & gt; {HKLM...CLSID} = " JQSIEStartDetectorImpl Class "
\InProcServer32\(Default) = " D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll " [ " Sun Microsystems, Inc. " ]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = " {99FD978C-D287-4F50-827F-B2C658EDA8E7} "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 1 (GFS Unread Stub) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = " {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 2 (GFS Stub) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = " {920E6DB1-9907-4370-B3A0-BAFC03D81399} "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = " {16F3DD56-1AF5-4347-846D-7C10C4192619} "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 3 (GFS Folder) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = " {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 4 (GFS Unread Mark) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

IDM Shell Extension\(Default) = " {CDC95B92-E27C-4745-A8C5-64A52A78855D} "
- & gt; {HKLM...CLSID} = " IDM Shell Extension "
\InProcServer32\(Default) = " D:\Program Files\Internet Download Manager\IDMShellExt.dll " [ " Tonec Inc. " ]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

" {42071714-76d4-11d1-8b24-00a0c9068ff3} " = " Rozszerzenie CPL kadrowania wyœwietlania "
- & gt; {HKLM...CLSID} = " Rozszerzenie CPL kadrowania wyœwietlania "
\InProcServer32\(Default) = " deskpan.dll " [file not found]

" {88895560-9AA2-1069-930E-00AA0030EBC8} " = " Rozszerzenie ikony HyperTerminalu "
- & gt; {HKLM...CLSID} = " HyperTerminal Icon Ext "
\InProcServer32\(Default) = " D:\WINDOWS\system32\hticons.dll " [ " Hilgraeve, Inc. " ]

" {B41DB860-8EE4-11D2-9906-E49FADC173CA} " = " WinRAR shell extension "
- & gt; {HKLM...CLSID} = " WinRAR "
\InProcServer32\(Default) = " D:\Program Files\WinRAR\rarext.dll " [ " Alexander Roshal " ]

" {23170F69-40C1-278A-1000-000100020000} " = " 7-Zip Shell Extension "
- & gt; {HKLM...CLSID} = " 7-Zip Shell Extension "
\InProcServer32\(Default) = " D:\Program Files\7-Zip\7-zip.dll " [ " Igor Pavlov " ]

" {DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} " = " Logitech Setpoint Extension "
- & gt; {HKLM...CLSID} = " KbLogiExt Class "
\InProcServer32\(Default) = " D:\Program Files\Logitech\SetPoint\kbcplext.dll " [ " Logitech Inc. " ]

" {B9B9F083-2B04-452A-8691-83694AC1037B} " = " Logitech Setpoint Extension "
- & gt; {HKLM...CLSID} = " LogiExt Class "
\InProcServer32\(Default) = " D:\Program Files\Logitech\SetPoint\mcplext.dll " [ " Logitech Inc. " ]

" {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} " = " Microsoft Office Metadata Handler "
- & gt; {HKLM...CLSID} = " Microsoft Office Metadata Handler "
\InProcServer32\(Default) = " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll " [MS]

" {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} " = " Microsoft Office Thumbnail Handler "
- & gt; {HKLM...CLSID} = " Microsoft Office Thumbnail Handler "
\InProcServer32\(Default) = " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll " [MS]

" {B089FE88-FB52-11D3-BDF1-0050DA34150D} " = " ESET Smart Security - Context Menu Shell Extension "
- & gt; {HKLM...CLSID} = " ESET Smart Security - Context Menu Shell Extension "
\InProcServer32\(Default) = " D:\Program Files\ESET\ESET Smart Security\shellExt.dll " [ " ESET " ]

" {42042206-2D85-11D3-8CFF-005004838597} " = " Microsoft Office HTML Icon Handler "
- & gt; {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = " D:\Program Files\Microsoft Office\Office14\msohevi.dll " [MS]

" {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} " = " Groove Namespace Extension "
- & gt; {HKLM...CLSID} = " Obszary robocze "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} " = " Microsoft OneNote Namespace Extension for Windows Desktop Search "
- & gt; {HKLM...CLSID} = " Microsoft OneNote Namespace Extension for Windows Desktop Search "
\InProcServer32\(Default) = " D:\Program Files\Microsoft Office\Office14\ONFILTER.DLL " [MS]

" {506F4668-F13E-4AA1-BB04-B43203AB3CC0} " = " {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "
- & gt; {HKLM...CLSID} = " ImageExtractorShellExt Class "
\InProcServer32\(Default) = " D:\Program Files\Microsoft Office\Office14\VISSHE.DLL " [MS]

" {D66DC78C-4F61-447F-942B-3FB6980118CF} " = " {D66DC78C-4F61-447F-942B-3FB6980118CF} "
- & gt; {HKLM...CLSID} = " CInfoTipShellExt Class "
\InProcServer32\(Default) = " D:\Program Files\Microsoft Office\Office14\VISSHE.DLL " [MS]

" {72853161-30C5-4D22-B7F9-0BBC1D38A37E} " = " Groove GFS Browser Helper "
- & gt; {HKLM...CLSID} = " Groove GFS Browser Helper "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {6C467336-8281-4E60-8204-430CED96822D} " = " Groove GFS Context Menu Handler "
- & gt; {HKLM...CLSID} = " Groove GFS Context Menu Handler "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} " = " Groove GFS Explorer Bar "
- & gt; {HKLM...CLSID} = " Groove Folder Synchronization "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {16F3DD56-1AF5-4347-846D-7C10C4192619} " = " Groove Explorer Icon Overlay 3 (GFS Folder) "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 3 (GFS Folder) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {B5A7F190-DDA6-4420-B3BA-52453494E6CD} " = " Groove GFS Stub Execution Hook "
- & gt; {HKLM...CLSID} = " Groove GFS Stub Execution Hook "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {A449600E-1DC6-4232-B948-9BD794D62056} " = " Groove GFS Stub Icon Handler "
- & gt; {HKLM...CLSID} = " Groove GFS Stub Icon Handler "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} " = " Groove Explorer Icon Overlay 2 (GFS Stub) "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 2 (GFS Stub) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {920E6DB1-9907-4370-B3A0-BAFC03D81399} " = " Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} " = " Groove Explorer Icon Overlay 4 (GFS Unread Mark) "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 4 (GFS Unread Mark) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {99FD978C-D287-4F50-827F-B2C658EDA8E7} " = " Groove Explorer Icon Overlay 1 (GFS Unread Stub) "
- & gt; {HKLM...CLSID} = " Groove Explorer Icon Overlay 1 (GFS Unread Stub) "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {387E725D-DC16-4D76-B310-2C93ED4752A0} " = " Groove XML Icon Handler "
- & gt; {HKLM...CLSID} = " Groove XML Icon Handler "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

" {00020D75-0000-0000-C000-000000000046} " = " Microsoft Outlook Desktop Icon Handler "
- & gt; {HKLM...CLSID} = " Microsoft Outlook "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\MLSHEXT.DLL " [MS]

" {0006F045-0000-0000-C000-000000000046} " = " Microsoft Outlook Custom Icon Handler "
- & gt; {HKLM...CLSID} = " Outlook File Icon Extension "
\InProcServer32\(Default) = " D:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL " [MS]

" {bc5e1455-02ca-4b30-8eed-91d52a38da75} " = " FineReader10ContextMenu "
- & gt; {HKLM...CLSID} = " FineReader10.FRContextMenu.1 "
\InProcServer32\(Default) = " D:\Program Files\ABBYY FineReader 10\FRIntegration.dll " [ " ABBYY. " ]

" {44440D00-FF19-4AFC-B765-9A0970567D97} " = " TuneUp Theme Extension "
- & gt; {HKLM...CLSID} = " TuneUp Theme Extension "
\InProcServer32\(Default) = " D:\WINDOWS\System32\uxtuneup.dll " [ " TuneUp Software " ]

" {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} " = " TuneUp Shredder Shell Extension "
- & gt; {HKLM...CLSID} = " TuneUp Shredder Shell Extension "
\InProcServer32\(Default) = " E:\TU2011\SDShelEx-win32.dll " [ " TuneUp Software " ]

" {4838CD50-7E5D-4811-9B17-C47A85539F28} " = " TuneUp Disk Space Explorer Shell Extension "
- & gt; {HKLM...CLSID} = " TuneUp Disk Space Explorer Shell Extension "
\InProcServer32\(Default) = " E:\TU2011\DseShExt-x86.dll " [ " TuneUp Software " ]

" {CDC95B92-E27C-4745-A8C5-64A52A78855D} " = " IDM Shell Extension "
- & gt; {HKLM...CLSID} = " IDM Shell Extension "
\InProcServer32\(Default) = " D:\Program Files\Internet Download Manager\IDMShellExt.dll " [ " Tonec Inc. " ]

" {9493BF10-6A0A-11D3-AFB2-00C06C397814} " = " Hot Keyboard "
- & gt; {HKLM...CLSID} = " HotKeyboard_ShellEx "
\InProcServer32\(Default) = " D:\Program Files\Hot Keyboard Pro\HkShExt.dll " [ " Imposant " ]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

& lt; & lt; ! & gt; & gt; " {B5A7F190-DDA6-4420-B3BA-52453494E6CD} " = " Groove GFS Stub Execution Hook "
- & gt; {HKLM...CLSID} = " Groove GFS Stub Execution Hook "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

" WPDShServiceObj " = " {AAA288BA-9A4C-45B0-95D7-94D524869DB5} "
- & gt; {HKLM...CLSID} = " WPDShServiceObj Class "
\InProcServer32\(Default) = " D:\WINDOWS\system32\wpdshserviceobj.dll " [MS]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
& lt; & lt; ! & gt; & gt; AtiExtEvent\DLLName = " Ati2evxx.dll " [ " ATI Technologies Inc. " ]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
& lt; & lt; ! & gt; & gt; cyberghost.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; excel.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; finereader.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; googleapps.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; googleupdater.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; groove.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; infopath.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; javaw.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; javaws.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; misc.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; msaccess.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; msoxmled.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; mspub.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; mstore.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; onenote.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; outlook.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; paltalk.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; powerpnt.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; presentationhost.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; remotesupport.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; unins000.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; uninstall.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; vmplayer.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]
& lt; & lt; ! & gt; & gt; Winword.exe\Debugger = " " E:\TU2011\TUAutoReactivator32.exe " " [ " TuneUp Software " ]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

& lt; & lt; ! & gt; & gt; text/xml\CLSID = " {807573E5-5146-11D5-A672-00B0D022E945} "
- & gt; {HKLM...CLSID} = " Microsoft Office InfoPath XML Mime Filter "
\InProcServer32\(Default) = " D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL " [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

& lt; & lt; ! & gt; & gt; livecall\CLSID = " {828030A1-22C1-4009-854F-8E305202313F} "
- & gt; {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = " D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL " [MS]

& lt; & lt; ! & gt; & gt; ms-help\CLSID = " {314111c7-a502-11d2-bbca-00c04f8ec294} "
- & gt; {HKLM...CLSID} = " HxProtocol Class "
\InProcServer32\(Default) = " D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll " [MS]

& lt; & lt; ! & gt; & gt; msnim\CLSID = " {828030A1-22C1-4009-854F-8E305202313F} "
- & gt; {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = " D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL " [MS]

& lt; & lt; ! & gt; & gt; skype-ie-addon-data\CLSID = " {91774881-D725-4E58-B298-07617B9B86A8} "
- & gt; {HKLM...CLSID} = " Skype IE add-on Pluggable Protocol "
\InProcServer32\(Default) = " D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll " [ " Skype Technologies S.A. " ]

& lt; & lt; ! & gt; & gt; skype4com\CLSID = " {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "
- & gt; {HKLM...CLSID} = " IEProtocolHandler Class "
\InProcServer32\(Default) = " D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL " [ " Skype Technologies " ]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

7-Zip\(Default) = " {23170F69-40C1-278A-1000-000100020000} "
- & gt; {HKLM...CLSID} = " 7-Zip Shell Extension "
\InProcServer32\(Default) = " D:\Program Files\7-Zip\7-zip.dll " [ " Igor Pavlov " ]

ESET Smart Security - Context Menu Shell Extension\(Default) = " {B089FE88-FB52-11D3-BDF1-0050DA34150D} "
- & gt; {HKLM...CLSID} = " ESET Smart Security - Context Menu Shell Extension "
\InProcServer32\(Default) = " D:\Program Files\ESET\ESET Smart Security\shellExt.dll " [ " ESET " ]

FineReader10ContextMenu\(Default) = " {bc5e1455-02ca-4b30-8eed-91d52a38da75} "
- & gt; {HKLM...CLSID} = " FineReader10.FRContextMenu.1 "
\InProcServer32\(Default) = " D:\Program Files\ABBYY FineReader 10\FRIntegration.dll " [ " ABBYY. " ]

HotKeyboard\(Default) = " {9493BF10-6A0A-11D3-AFB2-00C06C397814} "
- & gt; {HKLM...CLSID} = " HotKeyboard_ShellEx "
\InProcServer32\(Default) = " D:\Program Files\Hot Keyboard Pro\HkShExt.dll " [ " Imposant " ]

TuneUp Shredder Shell Extension\(Default) = " {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "
- & gt; {HKLM...CLSID} = " TuneUp Shredder Shell Extension "
\InProcServer32\(Default) = " E:\TU2011\SDShelEx-win32.dll " [ " TuneUp Software " ]

WinRAR\(Default) = " {B41DB860-8EE4-11D2-9906-E49FADC173CA} "
- & gt; {HKLM...CLSID} = " WinRAR "
\InProcServer32\(Default) = " D:\Program Files\WinRAR\rarext.dll " [ " Alexander Roshal " ]

XXX Groove GFS Context Menu Handler XXX\(Default) = " {6C467336-8281-4E60-8204-430CED96822D} "
- & gt; {HKLM...CLSID} = " Groove GFS Context Menu Handler "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = " {57CE581A-0CB6-4266-9CA0-19364C90A0B3} "
- & gt; {HKLM...CLSID} = " MBAMShlExt Class "
\InProcServer32\(Default) = " D:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll " [ " Malwarebytes Corporation " ]

XXX Groove GFS Context Menu Handler XXX\(Default) = " {6C467336-8281-4E60-8204-430CED96822D} "
- & gt; {HKLM...CLSID} = " Groove GFS Context Menu Handler "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

7-Zip\(Default) = " {23170F69-40C1-278A-1000-000100020000} "
- & gt; {HKLM...CLSID} = " 7-Zip Shell Extension "
\InProcServer32\(Default) = " D:\Program Files\7-Zip\7-zip.dll " [ " Igor Pavlov " ]

TuneUp Disk Space Explorer Shell Extension\(Default) = " {4838CD50-7E5D-4811-9B17-C47A85539F28} "
- & gt; {HKLM...CLSID} = " TuneUp Disk Space Explorer Shell Extension "
\InProcServer32\(Default) = " E:\TU2011\DseShExt-x86.dll " [ " TuneUp Software " ]

TuneUp Shredder Shell Extension\(Default) = " {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "
- & gt; {HKLM...CLSID} = " TuneUp Shredder Shell Extension "
\InProcServer32\(Default) = " E:\TU2011\SDShelEx-win32.dll " [ " TuneUp Software " ]

WinRAR\(Default) = " {B41DB860-8EE4-11D2-9906-E49FADC173CA} "
- & gt; {HKLM...CLSID} = " WinRAR "
\InProcServer32\(Default) = " D:\Program Files\WinRAR\rarext.dll " [ " Alexander Roshal " ]

XXX Groove GFS Context Menu Handler XXX\(Default) = " {6C467336-8281-4E60-8204-430CED96822D} "
- & gt; {HKLM...CLSID} = " Groove GFS Context Menu Handler "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

7-Zip\(Default) = " {23170F69-40C1-278A-1000-000100020000} "
- & gt; {HKLM...CLSID} = " 7-Zip Shell Extension "
\InProcServer32\(Default) = " D:\Program Files\7-Zip\7-zip.dll " [ " Igor Pavlov " ]

WinRAR\(Default) = " {B41DB860-8EE4-11D2-9906-E49FADC173CA} "
- & gt; {HKLM...CLSID} = " WinRAR "
\InProcServer32\(Default) = " D:\Program Files\WinRAR\rarext.dll " [ " Alexander Roshal " ]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

XXX Groove GFS Context Menu Handler XXX\(Default) = " {6C467336-8281-4E60-8204-430CED96822D} "
- & gt; {HKLM...CLSID} = " Groove GFS Context Menu Handler "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

ESET Smart Security - Context Menu Shell Extension\(Default) = " {B089FE88-FB52-11D3-BDF1-0050DA34150D} "
- & gt; {HKLM...CLSID} = " ESET Smart Security - Context Menu Shell Extension "
\InProcServer32\(Default) = " D:\Program Files\ESET\ESET Smart Security\shellExt.dll " [ " ESET " ]

FineReader10ContextMenu\(Default) = " {bc5e1455-02ca-4b30-8eed-91d52a38da75} "
- & gt; {HKLM...CLSID} = " FineReader10.FRContextMenu.1 "
\InProcServer32\(Default) = " D:\Program Files\ABBYY FineReader 10\FRIntegration.dll " [ " ABBYY. " ]

HotKeyboard\(Default) = " {9493BF10-6A0A-11D3-AFB2-00C06C397814} "
- & gt; {HKLM...CLSID} = " HotKeyboard_ShellEx "
\InProcServer32\(Default) = " D:\Program Files\Hot Keyboard Pro\HkShExt.dll " [ " Imposant " ]

MBAMShlExt\(Default) = " {57CE581A-0CB6-4266-9CA0-19364C90A0B3} "
- & gt; {HKLM...CLSID} = " MBAMShlExt Class "
\InProcServer32\(Default) = " D:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll " [ " Malwarebytes Corporation " ]

WinRAR\(Default) = " {B41DB860-8EE4-11D2-9906-E49FADC173CA} "
- & gt; {HKLM...CLSID} = " WinRAR "
\InProcServer32\(Default) = " D:\Program Files\WinRAR\rarext.dll " [ " Alexander Roshal " ]

XXX Groove GFS Context Menu Handler XXX\(Default) = " {6C467336-8281-4E60-8204-430CED96822D} "
- & gt; {HKLM...CLSID} = " Groove GFS Context Menu Handler "
\InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

WinRAR\(Default) = " {B41DB860-8EE4-11D2-9906-E49FADC173CA} "
- & gt; {HKLM...CLSID} = " WinRAR "
\InProcServer32\(Default) = " D:\Program Files\WinRAR\rarext.dll " [ " Alexander Roshal " ]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
" Wallpaper " = " D:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp "

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
" Wallpaper " = " D:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp "


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
" SCRNSAVE.EXE " = " D:\WINDOWS\RESOUR~1\Themes\STOLEN~1\SCRENS~1\SKAKI~1.SCR " (Ska?ki.scr) [ " nufsoft.com " ]


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

AlcoholAutoPlayV2.BurnDisc\
" Provider " = " Alcohol 120% "
" InvokeProgID " = " AlcoholAutoPlayV2 "
" InvokeVerb " = " BurnDisc "
HKLM\SOFTWARE\Classes\AlcoholAutoPlayV2\shell\BurnDisc\command\(Default) = " " D:\Program Files\Alcohol Soft\Alcohol 120\alcohol__.exe " %1 " [ " Alcohol Soft Development Team " ]

AlcoholAutoPlayV2.ReadDisc\
" Provider " = " Alcohol 120% "
" InvokeProgID " = " AlcoholAutoPlayV2 "
" InvokeVerb " = " ReadDisc "
HKLM\SOFTWARE\Classes\AlcoholAutoPlayV2\shell\ReadDisc\command\(Default) = " " D:\Program Files\Alcohol Soft\Alcohol 120\alcohol__.exe " %1 " [ " Alcohol Soft Development Team " ]

ASHAshampoo_Burning_Studio_10BURNONARRIVAL\
" Provider " = " Ashampoo Burning Studio 10 "
" InvokeProgID " = " Ashampoo.BurningStudio10 "
" InvokeVerb " = " autoplay-burn "
HKLM\SOFTWARE\Classes\Ashampoo.BurningStudio10\shell\autoplay-burn\Command\(Default) = " " D:\Program Files\Ashampoo\Ashampoo Burning Studio 10\burningstudio10.exe " -autoplay -selectdrive " %l " " [ " Ashampoo " ]

ASHAshampoo_Burning_Studio_10COPYONARRIVAL\
" Provider " = " Ashampoo Burning Studio 10 "
" InvokeProgID " = " Ashampoo.BurningStudio10 "
" InvokeVerb " = " autoplay-copy "
HKLM\SOFTWARE\Classes\Ashampoo.BurningStudio10\shell\autoplay-copy\Command\(Default) = " " D:\Program Files\Ashampoo\Ashampoo Burning Studio 10\burningstudio10.exe " -autoplay -selectdrive " %l " -copy " [ " Ashampoo " ]

ASHAshampoo_Burning_Studio_10RIPONARRIVAL\
" Provider " = " Ashampoo Burning Studio 10 "
" InvokeProgID " = " Ashampoo.BurningStudio10 "
" InvokeVerb " = " autoplay-rip "
HKLM\SOFTWARE\Classes\Ashampoo.BurningStudio10\shell\autoplay-rip\Command\(Default) = " " D:\Program Files\Ashampoo\Ashampoo Burning Studio 10\burningstudio10.exe " -autoplay -selectdrive " %l " -rip " [ " Ashampoo " ]

MSWPDShellNamespaceHandler\
" Provider " = " @%SystemRoot%\System32\WPDShextRes.dll,-501 "
" CLSID " = " {A55803CC-4D53-404c-8557-FD63DBA95D24} "
" InitCmdLine " = " "
- & gt; {HKLM...CLSID} = " WPDShextAutoplay "
\LocalServer32\(Default) = " D:\WINDOWS\system32\WPDShextAutoplay.exe " [MS]

NokiaOviSuite\
" Provider " = " Nokia Ovi Suite "
" ProgID " = " Nokia.OviSuite "
" InitCmdLine " = " -autoplay "
HKLM\SOFTWARE\Classes\Nokia.OviSuite\CLSID\(Default) = " {27F341A3-9735-41a3-AC51-75734826845F} "
- & gt; {HKLM...CLSID} = " Nokia Ovi Suite "
\LocalServer32\(Default) = " D:/Program Files/Nokia/Nokia Ovi Suite/NokiaOviSuite.exe " [ " Nokia " ]

VLCPlayCDAudioOnArrival\
" Provider " = " VideoLAN VLC media player "
" InvokeProgID " = " VLC.CDAudio "
" InvokeVerb " = " Open "
HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = " " D:\Program Files\VideoLAN\VLC\vlc.exe " --started-from-file cdda://%1 " [ " the VideoLAN Team " ]

VLCPlayDVDAudioOnArrival\
" Provider " = " VideoLAN VLC media player "
" InvokeProgID " = " VLC.OPENFolder "
" InvokeVerb " = " Open "
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = " " D:\Program Files\VideoLAN\VLC\vlc.exe " %1 " [ " the VideoLAN Team " ]

VLCPlayDVDMovieOnArrival\
" Provider " = " VideoLAN VLC media player "
" InvokeProgID " = " VLC.DVDMovie "
" InvokeVerb " = " Open "
HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = " " D:\Program Files\VideoLAN\VLC\vlc.exe " --started-from-file dvd://%1 " [ " the VideoLAN Team " ]

VLCPlayMusicFilesOnArrival\
" Provider " = " VideoLAN VLC media player "
" InvokeProgID " = " VLC.OPENFolder "
" InvokeVerb " = " Open "
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = " " D:\Program Files\VideoLAN\VLC\vlc.exe " %1 " [ " the VideoLAN Team " ]

VLCPlaySVCDMovieOnArrival\
" Provider " = " VideoLAN VLC media player "
" InvokeProgID " = " VLC.SVCDMovie "
" InvokeVerb " = " Open "
HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = " " D:\Program Files\VideoLAN\VLC\vlc.exe " --started-from-file vcd://%1 " [ " the VideoLAN Team " ]

VLCPlayVCDMovieOnArrival\
" Provider " = " VideoLAN VLC media player "
" InvokeProgID " = " VLC.VCDMovie "
" InvokeVerb " = " Open "
HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = " " D:\Program Files\VideoLAN\VLC\vlc.exe " --started-from-file vcd://%1 " [ " the VideoLAN Team " ]

VLCPlayVideoFilesOnArrival\
" Provider " = " VideoLAN VLC media player "
" InvokeProgID " = " VLC.OPENFolder "
" InvokeVerb " = " Open "
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = " " D:\Program Files\VideoLAN\VLC\vlc.exe " %1 " [ " the VideoLAN Team " ]

WinampMTPHandler\
" Provider " = " Winamp "
" ProgID " = " Shell.HWEventHandlerShellExecute "
" InitCmdLine " = " D:\Program Files\Winamp\winamp.exe "
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = " {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} "
- & gt; {HKLM...CLSID} = " ShellExecute HW Event Handler "
\LocalServer32\(Default) = " rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} " [MS]

WinampPlayMediaOnArrival\
" Provider " = " Winamp "
" InvokeProgID " = " Winamp.File "
" InvokeVerb " = " Play "
HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\command\(Default) = " " D:\Program Files\Winamp\winamp.exe " " %1 " " [ " Nullsoft, Inc. " ]
HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\DropTarget\CLSID = " {46986115-84D6-459c-8F95-52DD653E532E} "
- & gt; {HKLM...CLSID} = (no title provided)
\LocalServer32\(Default) = " " D:\Program Files\Winamp\winamp.exe " " [ " Nullsoft, Inc. " ]


Startup items in " Mateusz " & " All Users " startup folders:
---------------------------------------------------------

D:\Documents and Settings\All Users\Menu Start\Programy\Autostart
" PalTalk " - & gt; shortcut to: " D:\Program Files\Paltalk Messenger\paltalk.exe nas " [ " AVM Software Inc. " ]


Enabled Scheduled Tasks:
------------------------

" GoogleUpdateTaskMachineCore " - & gt; launches: " D:\Program Files\Google\Update\GoogleUpdate.exe /c " [ " Google Inc. " ]
" GoogleUpdateTaskMachineUA " - & gt; launches: " D:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler " [ " Google Inc. " ]
" User_Feed_Synchronization-{6CA68775-2F9C-4476-9C9B-B06F1E0BC74C} " - & gt; launches: " D:\WINDOWS\system32\msfeedssync.exe sync " [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = " %SystemRoot%\System32\mswsock.dll " [MS]
000000000002\LibraryPath = " %SystemRoot%\System32\winrnr.dll " [MS]
000000000003\LibraryPath = " %SystemRoot%\System32\mswsock.dll " [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 08 - 27
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
D:\Program Files\VMware\VMware Player\vsocklib.dll [ " VMware, Inc. " ], 06 - 07


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

" {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} "
- & gt; {HKLM...CLSID} = " SHOUTcast Radio Toolbar "
\InProcServer32\(Default) = " D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll " [ " AOL LLC " ]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
" {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} " = " SHOUTcast Radio Toolbar "
- & gt; {HKLM...CLSID} = " SHOUTcast Radio Toolbar "
\InProcServer32\(Default) = " D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll " [ " AOL LLC " ]

Explorer Bars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = " Groove Folder Synchronization "
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = " D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL " [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{2670000A-7350-4F3C-8081-5663EE0C6C49}\
" ButtonText " = " Wyœlij do programu OneNote "
" MenuText " = " Wyœlij & do programu OneNote "
" CLSIDExtension " = " {48E73304-E1D6-4330-914C-F5F514E3486C} "
- & gt; {HKLM...CLSID} = " Send to OneNote from Internet Explorer button "
\InProcServer32\(Default) = " D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll " [MS]

{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE}\
" ButtonText " = " PalTalk "
" Exec " = " D:\Program Files\Paltalk Messenger\Paltalk.exe " [ " AVM Software Inc. " ]

{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\
" ButtonText " = " & Notatki po??czone programu OneNote "
" MenuText " = " & Notatki po??czone programu OneNote "
" CLSIDExtension " = " {FFFDC614-B694-4AE6-AB38-5D6374584B52} "
- & gt; {HKLM...CLSID} = " Linked Notes button "
\InProcServer32\(Default) = " D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll " [MS]

{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\
" ButtonText " = " Skype Plug-In "
" MenuText " = " Skype Plug-In "
" CLSIDExtension " = " {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "
- & gt; {HKLM...CLSID} = " Skype Browser Helper "
\InProcServer32\(Default) = " D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll " [ " Skype Technologies S.A. " ]

{8DAE90AD-4583-4977-9DD4-4360F7A45C74}\
" ButtonText " = " Download Master "
" MenuText " = " & Download Master "
" Exec " = " D:\Program Files\Download Master\dmaster.exe " [ " WestByte " ]

{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\
" ButtonText " = " Fiddler2 "
" MenuText " = " Fiddler2 "
" Exec " = " " D:\Program Files\Fiddler2\Fiddler.exe " " [null data]

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
" MenuText " = " @xpsp3res.dll,-20001 "
" Exec " = " %windir%\Network Diagnostic\xpnetdiag.exe " [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
" ButtonText " = " Messenger "
" MenuText " = " Windows Messenger "
" Exec " = " D:\Program Files\Messenger\msmsgs.exe " [MS]


Miscellaneous IE Hijack Points
------------------------------

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
& lt; & lt; H & gt; & gt; " {14f0d511-36a2-41ca-ae01-ba4f87282c97} " = " *h*`?*?**h******** " (unwritable string)
- & gt; {HKLM...CLSID} = " SHOUTcast Toolbar Search Class "
\InProcServer32\(Default) = " D:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll " [ " AOL LLC " ]


HOSTS file
----------

D:\WINDOWS\System32\drivers\etc\HOSTS

maps: 7 domain names to IP addresses,
1 of the IP addresses is *not* localhost!


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, " D:\WINDOWS\system32\Ati2evxx.exe " [ " ATI Technologies Inc. " ]
ESET Service, ekrn, " " D:\Program Files\ESET\ESET Smart Security\ekrn.exe " " [ " ESET " ]
Net Driver HPZ12, Net Driver HPZ12, " D:\WINDOWS\System32\svchost.exe -k HPZ12 " { " D:\WINDOWS\system32\HPZinw12.dll " [ " Hewlett-Packard " ]}
Pml Driver HPZ12, Pml Driver HPZ12, " D:\WINDOWS\System32\svchost.exe -k HPZ12 " { " D:\WINDOWS\system32\HPZipm12.dll " [ " Hewlett-Packard " ]}
SQL Server (SQLEXPRESS), MSSQL$SQLEXPRESS, " " D:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe " -sSQLEXPRESS " [MS]
StarWind AE Service, StarWindServiceAE, " D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe " [ " StarWind Software " ]
TP-LINK Configuration Service, ACS, " D:\WINDOWS\system32\acs.exe " [ " Atheros " ]
TuneUp Theme Extension, UxTuneUp, " D:\WINDOWS\System32\svchost.exe -k netsvcs " { " D:\WINDOWS\System32\uxtuneup.dll " [ " TuneUp Software " ]}
TuneUp Utilities Service, TuneUp.UtilitiesSvc, " " E:\TU2011\TuneUpUtilitiesService32.exe " " [ " TuneUp Software " ]
Windows Driver Foundation - User-mode Driver Framework, WudfSvc, " D:\WINDOWS\system32\svchost.exe -k WudfServiceGroup " { " D:\WINDOWS\System32\WUDFSvc.dll " [MS]}


Keyboard Driver Filters:
------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}\
& lt; & lt; ! & gt; & gt; " UpperFilters " = " kbdclass " [MS], & lt; & lt; ! & gt; & gt; " vmkbd " [ " VMware, Inc. " ]


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
hpzlnt12\Driver = " hpzlnt12.dll " [ " HP " ]


---------- (launch time: 2011-08-01 16:34:48)
& lt; & lt; ! & gt; & gt; : Suspicious data at a malware launch point.
& lt; & lt; H & gt; & gt; : Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer " No " at the
first message box and " Yes " at the second message box.
---------- (total run time: 128 seconds, including 5 seconds for message boxes)


Logi.rar > BDOS1.txt

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\WINDOWS\Minidump\Mini080111-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055b240
Debug session time: Mon Aug 1 22:26:02.890 2011 (GMT+2)
System Uptime: 0 days 1:08:55.482
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
............
Loading User Symbols
Loading unloaded module list
................
Unable to load image atapi.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for atapi.sys
*** ERROR: Module load completed but symbols could not be loaded for atapi.sys
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000000A, {f7d108, 2, 0, 804ea772}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*** WARNING: Unable to verify timestamp for sptd.sys
*** ERROR: Module load completed but symbols could not be loaded for sptd.sys
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Probably caused by : atapi.sys ( atapi+5ab6 )

Followup: MachineOwner
---------


Logi.rar > BDOS2.txt

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\WINDOWS\Minidump\Mini080211-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055b240
Debug session time: Tue Aug 2 00:50:58.578 2011 (GMT+2)
System Uptime: 0 days 1:28:48.170
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
.............
Loading User Symbols
Loading unloaded module list
..................................
Unable to load image Ntfs.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for Ntfs.sys
*** ERROR: Module load completed but symbols could not be loaded for Ntfs.sys
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 24, {1902fe, a9e1d42c, a9e1d128, 8054bf8f}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*** WARNING: Unable to verify timestamp for sptd.sys
*** ERROR: Module load completed but symbols could not be loaded for sptd.sys
*** WARNING: Unable to verify timestamp for fltMgr.sys
*** ERROR: Module load completed but symbols could not be loaded for fltMgr.sys
*** WARNING: Unable to verify timestamp for sr.sys
*** ERROR: Module load completed but symbols could not be loaded for sr.sys
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*** WARNING: Unable to verify timestamp for eamon.sys
*** ERROR: Module load completed but symbols could not be loaded for eamon.sys
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Probably caused by : Ntfs.sys ( Ntfs+28b4b )

Followup: MachineOwner
---------


Logi.rar > BDOS3.txt

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\WINDOWS\Minidump\Mini080211-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055b240
Debug session time: Tue Aug 2 00:50:58.578 2011 (GMT+2)
System Uptime: 0 days 1:28:48.170
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
.............
Loading User Symbols
Loading unloaded module list
..................................
Unable to load image Ntfs.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for Ntfs.sys
*** ERROR: Module load completed but symbols could not be loaded for Ntfs.sys
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 24, {1902fe, a9e1d42c, a9e1d128, 8054bf8f}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*** WARNING: Unable to verify timestamp for sptd.sys
*** ERROR: Module load completed but symbols could not be loaded for sptd.sys
*** WARNING: Unable to verify timestamp for fltMgr.sys
*** ERROR: Module load completed but symbols could not be loaded for fltMgr.sys
*** WARNING: Unable to verify timestamp for sr.sys
*** ERROR: Module load completed but symbols could not be loaded for sr.sys
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*** WARNING: Unable to verify timestamp for eamon.sys
*** ERROR: Module load completed but symbols could not be loaded for eamon.sys
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y & lt; symbol_path & gt; argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Probably caused by : Ntfs.sys ( Ntfs+28b4b )

Followup: MachineOwner
---------

  Szukaj w 5mln produktów