Rozwiązany: Log Hijack This

kobla1 · Maj 3, 2010

Podczas skanowania Malwarebytes komp strasznie zamula i w jego połowie resetuje się. Panda też nie przeprowadza skanowania do końca. Co jakiś czas wyłącza się internet i wszystkie zabezpieczenia systemowe proszę o pomoc.

Log:



Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:02:03, on 2010-05-03

Platform: Windows 7  (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal


Running processes:

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe

C:\Users\CuCore\AppData\Local\Temp\is-GFG72.tmp\fwinstall.tmp

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s

O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files (x86)\Gadu-Gadu 10\gg.exe"

O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')

O4 - Startup: setup_9.0.0.722_03.05.2010_09-22.lnk = C:\Users\CuCore\Desktop\Virus Removal Tool\setup_9.0.0.722_03.05.2010_09-22\startup.exe

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe

O23 - Service: Usuga stanu ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)

O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)

O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe

O23 - Service: Intel? Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


--

End of file - 9844 bytes

mtx25 · Maj 3, 2010

Fajknij to:

R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

C:\Users\CuCore\AppData\Local\Temp\is-GFG72.tmp\fwinstall.tmp

Fuyukai · Maj 3, 2010

Mulić mogą Ci następujące rzeczy:

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe

HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')

HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')

Ten powyższy Sidebar to nic innego jak boczne belki z pierdołami. Zużywają dużo pamięci x/.

Ogólnie możesz sobie zfixować wszystkie logi gdzie masz dopisek (file missing).

kobla1 · Maj 3, 2010

Dzięki za pomoc.Jest znaczna poprawa skanery pracuja normalnie komp także bez problemów. Panda nic nie wykryla jak skończe skan Malwarebytes prześle log do sprawdzenia.

Fuyukai · Maj 3, 2010

Bym Ci mogła podać co zrobić, żeby użycie procka maksymalnie obniżyć, ale nie mam pojęcie czy na windzie 7 wygląda tot ak samo jak na xp, więc trochę sie boję

kobla1 · Maj 3, 2010

Dzięki ale narazie komp działa bardzo dobrze

No sorry zapomniałem napisać że to 7.

A co w nim strasznego xD

Fuyukai · Maj 3, 2010

To dobrze. Tylko na przyszłość pisz, że masz winde 7, bo dopiero w logach to zauważyłam xD.

Offtop:

Boję się Twojego avka o.O

Sevard · Maj 3, 2010

Temat zostawię jeszcze jakiś czas, bo jednak mam dziwne wrażenie, że zostało usunięte za dużo i nie wiem jak Windows sobie z tym poradzi. Niestety, ale HijackThis nie nadaje się do naprawy systemów x64, między innymi dlatego, że wyświetla jako zaginione pliki, które tak naprawdę zaginione nie są.

Fuyukai · Maj 3, 2010

Haha, może tak mu siadł komp, że nawet posta już nie może napisać :laugh: .

Ja sądzę, że bądzie dobrze... Ale to już musi kolega Kobla potwierdzić.

kobla1 · Maj 3, 2010

Wszystko jest dobrze przynajmniej jak narazie. Antywiry nic nie wykrywają a komp działa dobrze. Mam nadzieję że tak zostanie.. mam tylko wątpliwoci co do procesów w Menedżerze zadań wrzucam screen

Sevard · Maj 3, 2010

Na tym screenie nic nie widać, ale w menedżerze zadań przeważnie nic nie widać. Jeśli chcesz, to dla pewności można sprawdzić log z OTL. Żeby je stworzyć zrób co następuje - ściągnij i uruchom OTL, pozaznaczaj opcje: Scan All Users, LOP Check, Purity Check. Zaznacz też opcję Use Safelist w Extra registry. Wklej oba wygenerowane przez OTL logi.

kobla1 · Maj 3, 2010

Log z OTL



OTL logfile created on: 2010-05-03 18:06:59 - Run 1

OTL by OldTimer - Version 3.2.4.1     Folder = C:\Users\CuCore\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 38,00% Memory free

8,00 Gb Paging File | 5,00 Gb Available in Paging File | 59,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 390,53 Gb Total Space | 228,29 Gb Free Space | 58,46% Space Free | Partition Type: NTFS

Drive D: | 308,01 Gb Total Space | 254,53 Gb Free Space | 82,64% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded


Computer Name: LOGIC-PC

Current User Name: CuCore

Logged in as Administrator.


Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========


PRC - [2010-05-03 18:06:15 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\CuCore\Desktop\OTL.exe

PRC - [2010-04-02 23:26:30 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2010-03-27 11:27:10 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2010-01-14 00:45:58 | 001,552,736 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe

PRC - [2010-01-12 11:41:00 | 003,168,216 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe

PRC - [2009-11-11 16:53:56 | 001,389,248 | ---- | M] () -- D:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Zew Prypeci\bin\xrEngine.exe

PRC - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe

PRC - [2009-10-30 18:29:56 | 000,136,448 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe

PRC - [2009-10-30 18:29:01 | 000,361,728 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe

PRC - [2009-08-04 18:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

PRC - [2009-08-04 18:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

PRC - [2009-07-30 19:10:04 | 000,380,928 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe

PRC - [2009-07-30 18:51:02 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe

PRC - [2009-07-27 12:13:28 | 000,061,440 | ---- | M] () -- C:\Windows\SysWOW64\ASDR.exe

PRC - [2009-06-17 13:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

PRC - [2009-06-04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2009-06-04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

PRC - [2008-06-24 17:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe

PRC - [2006-10-26 14:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

PRC - [2005-02-17 08:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========


MOD - [2010-05-03 18:06:15 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\CuCore\Desktop\OTL.exe

MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll

MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx

MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========


SRV:64bit: - [2009-10-19 15:17:42 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009-07-14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)

SRV:64bit: - [2009-07-14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)

SRV:64bit: - [2009-07-14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)

SRV:64bit: - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)

SRV:64bit: - [2009-07-14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)

SRV:64bit: - [2009-07-14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)

SRV:64bit: - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)

SRV:64bit: - [2009-07-14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)

SRV:64bit: - [2009-07-14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)

SRV:64bit: - [2009-07-14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)

SRV:64bit: - [2009-07-14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)

SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009-07-14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)

SRV:64bit: - [2009-07-14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)

SRV:64bit: - [2009-07-14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)

SRV:64bit: - [2009-07-14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)

SRV:64bit: - [2009-07-14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)

SRV:64bit: - [2009-07-14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)

SRV:64bit: - [2009-07-14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)

SRV:64bit: - [2009-07-14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)

SRV:64bit: - [2009-07-14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)

SRV:64bit: - [2009-07-14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)

SRV:64bit: - [2009-07-14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)

SRV:64bit: - [2009-05-06 11:41:52 | 000,062,464 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\Windows\SysNative\ATKFUSService.exe -- (ATKFUSService)

SRV - [2010-05-01 09:31:05 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010-03-27 11:27:10 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)

SRV - [2009-10-30 18:29:56 | 000,136,448 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)

SRV - [2009-08-04 18:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)

SRV - [2009-07-30 18:51:02 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)

SRV - [2009-07-27 12:13:28 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR)

SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)

SRV - [2009-07-14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)

SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)

SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)

SRV - [2009-07-13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)

SRV - [2009-06-10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)

SRV - [2009-06-04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®

SRV - [2008-10-25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)

SRV - [2006-10-26 14:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)


========== Driver Services (SafeList) ==========


DRV:64bit: - [2010-04-03 15:34:12 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)

DRV:64bit: - [2010-02-05 09:17:56 | 000,306,648 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)

DRV:64bit: - [2010-02-04 02:39:32 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)

DRV:64bit: - [2010-02-02 15:23:16 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)

DRV:64bit: - [2010-01-13 08:59:28 | 000,164,496 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplfw64.sys -- (pctplfw)

DRV:64bit: - [2010-01-12 09:34:16 | 000,095,504 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctNdis-PacketFilter64.sys -- (PCTFW-PacketFilter)

DRV:64bit: - [2010-01-07 11:35:10 | 000,081,584 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctNdis64.sys -- (pctNDIS)

DRV:64bit: - [2009-12-18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)

DRV:64bit: - [2009-12-11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)

DRV:64bit: - [2009-10-30 17:14:59 | 000,164,872 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)

DRV:64bit: - [2009-10-22 13:54:24 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\48677122.sys -- (48677122)

DRV:64bit: - [2009-10-19 15:50:12 | 006,098,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009-10-13 16:50:52 | 000,116,232 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)

DRV:64bit: - [2009-10-13 16:50:51 | 000,135,688 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)

DRV:64bit: - [2009-10-13 16:50:51 | 000,113,160 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)

DRV:64bit: - [2009-10-09 23:30:56 | 000,352,784 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\4867712.sys -- (setup_9.0.0.722_03.05.2010_09-22drv)

DRV:64bit: - [2009-09-30 03:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009-09-26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)

DRV:64bit: - [2009-09-25 17:59:46 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\48677121.sys -- (48677121)

DRV:64bit: - [2009-08-09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)

DRV:64bit: - [2009-07-30 13:58:42 | 000,236,544 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009-07-20 04:27:34 | 000,027,136 | R--- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)

DRV:64bit: - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009-07-14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)

DRV:64bit: - [2009-07-14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)

DRV:64bit: - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009-07-14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)

DRV:64bit: - [2009-07-14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)

DRV:64bit: - [2009-07-14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)

DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009-07-14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)

DRV:64bit: - [2009-07-14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)

DRV:64bit: - [2009-07-14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)

DRV:64bit: - [2009-07-14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)

DRV:64bit: - [2009-07-14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV:64bit: - [2009-07-14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV:64bit: - [2009-07-14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)

DRV:64bit: - [2009-07-14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)

DRV:64bit: - [2009-07-14 02:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)

DRV:64bit: - [2009-07-14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)

DRV:64bit: - [2009-07-14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)

DRV:64bit: - [2009-07-14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)

DRV:64bit: - [2009-07-14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)

DRV:64bit: - [2009-07-14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)

DRV:64bit: - [2009-07-14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV:64bit: - [2009-07-14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)

DRV:64bit: - [2009-07-14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)

DRV:64bit: - [2009-07-14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)

DRV:64bit: - [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)

DRV:64bit: - [2009-07-14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)

DRV:64bit: - [2009-07-14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)

DRV:64bit: - [2009-07-14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)

DRV:64bit: - [2009-07-14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)

DRV:64bit: - [2009-07-14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)

DRV:64bit: - [2009-07-14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)

DRV:64bit: - [2009-07-14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)

DRV:64bit: - [2009-06-10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)

DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009-06-04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009-04-06 05:14:06 | 000,050,688 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)

DRV:64bit: - [2009-04-06 05:14:06 | 000,050,688 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)

DRV:64bit: - [2009-02-17 19:22:22 | 000,039,424 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys -- (atkdisplf)

DRV:64bit: - [2009-02-17 19:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)

DRV:64bit: - [2007-12-03 04:20:54 | 000,024,064 | R--- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2)

DRV:64bit: - [2007-12-03 04:20:54 | 000,024,064 | R--- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)

DRV - [2010-05-03 13:15:08 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)

DRV - [2009-09-28 20:20:43 | 000,089,256 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysWOW64\ElbyCDIO.dll -- (ElbyCDIO)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009-07-14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)

DRV - [2009-06-10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)

DRV - [2009-06-10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)

DRV - [2007-12-14 10:00:46 | 000,029,976 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GZSQ.SYS -- (GZSQ)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-3378817161-1844486315-750288210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

IE - HKU\S-1-5-21-3378817161-1844486315-750288210-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.71


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-04-15 20:29:07 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-04-16 11:36:56 | 000,000,000 | ---D | M]


[2010-02-02 16:37:41 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\mozilla\Extensions

[2010-05-02 20:17:00 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\mozilla\Firefox\Profiles\xb9njl6v.default\extensions

[2010-04-30 23:15:45 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\CuCore\AppData\Roaming\mozilla\Firefox\Profiles\xb9njl6v.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}

[2010-02-02 16:37:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions

[2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml

[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml

[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml

[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml

[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml

[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml


O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4 - HKLM..\Run: [00PCTFW] C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)

O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)

O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [PSUNMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)

O4 - HKU\S-1-5-21-3378817161-1844486315-750288210-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)

O4 - HKU\S-1-5-21-3378817161-1844486315-750288210-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKU\S-1-5-21-3378817161-1844486315-750288210-1000..\Run: [ISUSPM Startup] C:\Pliki programów (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found

O4 - HKU\S-1-5-21-3378817161-1844486315-750288210-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - Startup: C:\Users\CuCore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_03.05.2010_09-22.lnk = C:\Users\CuCore\Desktop\Virus Removal Tool\setup_9.0.0.722_03.05.2010_09-22\startup.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-3378817161-1844486315-750288210-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{3804ca9f-1031-11df-baf5-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{3804ca9f-1031-11df-baf5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========


[2010-05-03 18:06:08 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\CuCore\Desktop\OTL.exe

[2010-05-03 12:34:38 | 000,000,000 | ---D | C] -- C:\Users\CuCore\AppData\Roaming\PCToolsFirewallPlus

[2010-05-03 10:01:14 | 000,095,504 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdis-PacketFilter64.sys

[2010-05-03 10:01:14 | 000,042,456 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdis-DNS64.sys

[2010-05-03 10:01:13 | 000,164,496 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplfw64.sys

[2010-05-03 10:01:13 | 000,081,584 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdis64.sys

[2010-05-03 10:01:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Firewall Plus

[2010-05-03 09:55:41 | 000,306,648 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys

[2010-05-03 09:55:41 | 000,133,072 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys

[2010-05-03 09:55:34 | 000,233,488 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys

[2010-05-03 09:55:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools

[2010-05-03 09:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2010-05-03 09:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab

[2010-05-03 09:12:08 | 000,352,784 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\4867712.sys

[2010-05-03 09:12:08 | 000,157,712 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\48677121.sys

[2010-05-03 09:12:08 | 000,040,464 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\48677122.sys

[2010-05-03 09:12:08 | 000,000,000 | ---D | C] -- C:\Users\CuCore\Desktop\Virus Removal Tool

[2010-05-03 08:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2010-04-30 19:00:15 | 000,223,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys

[2010-04-30 19:00:06 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll

[2010-04-30 19:00:06 | 000,153,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys

[2010-04-25 11:08:35 | 000,000,000 | R--D | C] -- C:\Users\CuCore\AppData\Roaming\Brother

[2010-04-25 10:48:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pity 2009

[2010-04-19 23:08:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\S.T.A.L.K.E.R. - Zew Prypeci

[2010-04-19 20:17:28 | 000,000,000 | ---D | C] -- C:\Users\CuCore\AppData\Roaming\Touchstone

[2010-04-19 19:13:09 | 000,000,000 | ---D | C] -- C:\Windows\A5B5A16D277A476B8F621029A2F23072.TMP

[2010-04-19 19:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2010-04-17 11:03:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab

[2010-04-17 11:03:50 | 000,000,000 | ---D | C] -- C:\Users\CuCore\SystemRequirementsLab

[2010-04-17 11:03:41 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2010-04-16 22:50:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft

[2010-04-15 20:53:06 | 000,000,000 | ---D | C] -- C:\Users\CuCore\AppData\Local\Midway

[2010-04-14 14:47:12 | 000,000,000 | ---D | C] -- C:\Users\CuCore\DoctorWeb

[2010-04-14 14:24:40 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2010-04-14 14:24:40 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll

[2010-04-14 14:24:39 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2010-04-14 14:24:39 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2010-04-14 14:24:39 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2010-04-14 14:21:10 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll

[2010-04-14 14:21:10 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll

[2010-04-14 14:17:09 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll

[2010-04-14 14:17:09 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll

[2010-04-13 13:02:22 | 000,000,000 | ---D | C] -- C:\Users\CuCore\Documents\Hitman Blood Money

[2010-04-13 12:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman - Krwawa Forsa

[2010-04-07 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\CuCore\AppData\Roaming\Malwarebytes

[2010-04-07 22:53:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010-04-07 22:53:07 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010-04-07 22:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010-04-07 22:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========


[2010-05-03 18:09:02 | 002,097,152 | -HS- | M] () -- C:\Users\CuCore\NTUSER.DAT

[2010-05-03 18:06:15 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\CuCore\Desktop\OTL.exe

[2010-05-03 16:27:05 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Temphu4788.html

[2010-05-03 16:27:05 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempDK4788.html

[2010-05-03 16:11:47 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempLC3720.html

[2010-05-03 16:11:47 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempyH3720.html

[2010-05-03 13:59:48 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempmd3716.html

[2010-05-03 13:59:48 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempVh3716.html

[2010-05-03 13:22:18 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010-05-03 13:22:18 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010-05-03 13:15:08 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\Windows\gdrv.sys

[2010-05-03 13:15:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010-05-03 13:15:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010-05-03 13:15:01 | 3220,033,536 | -HS- | M] () -- C:\hiberfil.sys

[2010-05-03 13:14:17 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempFl3980.html

[2010-05-03 13:14:17 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempsV3980.html

[2010-05-03 13:14:16 | 003,172,584 | -H-- | M] () -- C:\Users\CuCore\AppData\Local\IconCache.db

[2010-05-03 13:08:41 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempRr4452.html

[2010-05-03 13:08:41 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempak4452.html

[2010-05-03 12:35:43 | 000,007,412 | ---- | M] () -- C:\Windows\SysNative\drivers\PCTAppEvent.cat

[2010-05-03 10:33:43 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TemprTl832.html

[2010-05-03 10:33:43 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempEaD832.html

[2010-05-03 09:52:23 | 001,552,302 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010-05-03 09:52:23 | 000,697,200 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2010-05-03 09:52:23 | 000,615,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010-05-03 09:52:23 | 000,136,690 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2010-05-03 09:52:23 | 000,107,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010-05-03 09:44:11 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempvxa980.html

[2010-05-03 09:44:11 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempVwz980.html

[2010-05-03 09:12:44 | 000,002,212 | ---- | M] () -- C:\Users\CuCore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_03.05.2010_09-22.lnk

[2010-05-03 08:49:32 | 000,002,981 | ---- | M] () -- C:\Users\CuCore\Desktop\HiJackThis.lnk

[2010-05-03 00:00:25 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempID4044.html

[2010-05-03 00:00:25 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempaP4044.html

[2010-05-02 17:05:03 | 000,183,112 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2010-05-01 14:09:39 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempJm3924.html

[2010-05-01 14:09:39 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempFm3924.html

[2010-05-01 13:48:53 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempmC2912.html

[2010-05-01 13:48:53 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempwm2912.html

[2010-05-01 09:32:23 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk

[2010-05-01 09:28:21 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempmD3588.html

[2010-05-01 09:28:21 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempVb3588.html

[2010-04-30 22:02:35 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempNf4180.html

[2010-04-30 22:02:35 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempNO4180.html

[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010-04-29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010-04-25 10:48:58 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Pity 2009.lnk

[2010-04-19 23:27:23 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempyv5072.html

[2010-04-19 23:27:23 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempSd5072.html

[2010-04-19 23:08:39 | 000,001,241 | ---- | M] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Zew Prypeci.lnk

[2010-04-19 23:06:36 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Temphz4900.html

[2010-04-19 23:06:36 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempOl4900.html

[2010-04-19 20:17:09 | 000,000,870 | ---- | M] () -- C:\Windows\disney.ini

[2010-04-19 20:17:04 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\Turok.lnk

[2010-04-19 20:10:59 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempVa2684.html

[2010-04-19 20:10:59 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Temple2684.html

[2010-04-19 10:10:00 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempbz2872.html

[2010-04-19 10:10:00 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempHj2872.html

[2010-04-18 22:32:18 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempVU4360.html

[2010-04-18 22:32:18 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempdK4360.html

[2010-04-18 18:30:03 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempZh3380.html

[2010-04-18 18:30:03 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TemprT3380.html

[2010-04-18 13:19:23 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TemppzB848.html

[2010-04-18 13:19:23 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempKBZ848.html

[2010-04-17 23:03:23 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempSw2924.html

[2010-04-17 23:03:23 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempyP2924.html

[2010-04-17 19:17:53 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempWr2216.html

[2010-04-17 19:17:53 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempjt2216.html

[2010-04-17 11:32:07 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempVt1356.html

[2010-04-17 11:32:07 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempct1356.html

[2010-04-16 22:54:49 | 000,002,285 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V.lnk

[2010-04-16 22:52:57 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempgq3568.html

[2010-04-16 22:52:57 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempMw3568.html

[2010-04-16 20:15:53 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempdY3020.html

[2010-04-16 20:15:53 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempjj3020.html

[2010-04-16 15:22:53 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempjK1116.html

[2010-04-16 15:22:53 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempAq1116.html

[2010-04-16 13:19:11 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempJb3312.html

[2010-04-16 13:19:11 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempYw3312.html

[2010-04-16 13:17:29 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempfK2744.html

[2010-04-16 13:17:29 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempMA2744.html

[2010-04-16 13:15:34 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempBk2884.html

[2010-04-16 13:15:34 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempeb2884.html

[2010-04-16 11:42:48 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempkf2704.html

[2010-04-16 11:42:48 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TemphY2704.html

[2010-04-16 11:36:56 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010-04-15 23:26:31 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempWM2980.html

[2010-04-15 23:26:31 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempWr2980.html

[2010-04-14 22:55:41 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempJQN852.html

[2010-04-14 22:55:41 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Templqs852.html

[2010-04-14 21:31:38 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempuEj912.html

[2010-04-14 21:31:38 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempUiO912.html

[2010-04-14 16:29:53 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempIi2516.html

[2010-04-14 16:29:53 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Temphc2516.html

[2010-04-13 22:47:05 | 000,012,266 | ---- | M] () -- C:\Users\CuCore\Documents\Honor.m3u

[2010-04-13 22:46:15 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempbA2484.html

[2010-04-13 22:46:15 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempYB2484.html

[2010-04-13 21:58:18 | 000,026,112 | ---- | M] () -- C:\Users\CuCore\Desktop\4-DNIOWY PROGRAM TRENINGOWY for Krzysiek.doc

[2010-04-13 15:09:25 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempDL2488.html

[2010-04-13 15:09:25 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempYl2488.html

[2010-04-13 12:59:55 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\Hitman - Krwawa Forsa.lnk

[2010-04-12 23:06:55 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempgZ3176.html

[2010-04-12 23:06:55 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempfw3176.html

[2010-04-12 23:01:14 | 000,008,588 | ---- | M] () -- C:\Users\CuCore\Desktop\gallery-86172169-500x500.jpg

[2010-04-12 21:04:45 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TemptW2504.html

[2010-04-12 21:04:45 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempsm2504.html

[2010-04-12 15:33:44 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempBv2512.html

[2010-04-12 15:33:44 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempFx2512.html

[2010-04-12 15:07:24 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempgH2468.html

[2010-04-12 15:07:24 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempBO2468.html

[2010-04-11 23:01:49 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempAF2500.html

[2010-04-11 23:01:49 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempek2500.html

[2010-04-10 12:21:32 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempMy2920.html

[2010-04-10 12:21:32 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempXL2920.html

[2010-04-10 12:19:06 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempbQ2560.html

[2010-04-10 12:19:06 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempEw2560.html

[2010-04-10 02:19:15 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempre2536.html

[2010-04-10 02:19:15 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempCI2536.html

[2010-04-09 14:50:55 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Temprj2496.html

[2010-04-09 14:50:55 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempTm2496.html

[2010-04-08 23:46:58 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempGc2492.html

[2010-04-08 23:46:58 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempSq2492.html

[2010-04-08 22:32:09 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempoI2556.html

[2010-04-08 22:32:09 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempjH2556.html

[2010-04-08 00:10:35 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempwh2488.html

[2010-04-08 00:10:35 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempVy2488.html

[2010-04-07 22:53:11 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010-04-07 16:05:41 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Templt2484.html

[2010-04-07 16:05:41 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TemplD2484.html

[2010-04-06 23:57:44 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempJp2488.html

[2010-04-06 23:57:44 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempdD2488.html

[2010-04-06 21:14:49 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempCG2472.html

[2010-04-06 21:14:49 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempto2472.html

[2010-04-05 13:31:56 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempez3796.html

[2010-04-05 13:31:56 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempsF3796.html

[2010-04-05 12:46:22 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempER2484.html

[2010-04-05 12:46:22 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempMv2484.html

[2010-04-05 01:05:28 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempuZz236.html

[2010-04-05 01:05:28 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempqIE236.html

[2010-04-04 22:01:21 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempxR3388.html

[2010-04-04 22:01:21 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\Tempqi3388.html

[2010-04-04 18:09:18 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempMt2848.html

[2010-04-04 18:09:18 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempYb2848.html

[2010-04-04 16:27:15 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempvA2512.html

[2010-04-04 16:27:15 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempFv2512.html

[2010-04-04 00:08:11 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempMW1940.html

[2010-04-04 00:08:11 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TemppT1940.html

[2010-04-03 19:40:06 | 000,002,432 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TempuJ2480.html

[2010-04-03 19:40:06 | 000,002,089 | ---- | M] () -- C:\Users\CuCore\AppData\Local\TemprL2480.html

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========


[2010-05-03 16:16:24 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Temphu4788.html

[2010-05-03 16:16:24 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempDK4788.html

[2010-05-03 15:02:36 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempLC3720.html

[2010-05-03 15:02:36 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempyH3720.html

[2010-05-03 13:15:51 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempmd3716.html

[2010-05-03 13:15:51 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempVh3716.html

[2010-05-03 13:10:40 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempFl3980.html

[2010-05-03 13:10:40 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempsV3980.html

[2010-05-03 12:57:53 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempRr4452.html

[2010-05-03 12:57:53 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempak4452.html

[2010-05-03 12:35:43 | 000,007,412 | ---- | C] () -- C:\Windows\SysNative\drivers\PCTAppEvent.cat

[2010-05-03 10:31:58 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TemprTl832.html

[2010-05-03 10:31:58 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempEaD832.html

[2010-05-03 10:01:14 | 000,007,405 | ---- | C] () -- C:\Windows\SysNative\drivers\pctNdis-PacketFilter64.cat

[2010-05-03 10:01:14 | 000,007,382 | ---- | C] () -- C:\Windows\SysNative\drivers\pctNdis-DNS64.cat

[2010-05-03 10:01:13 | 000,007,366 | ---- | C] () -- C:\Windows\SysNative\drivers\pctplfw64.cat

[2010-05-03 09:55:41 | 000,007,357 | ---- | C] () -- C:\Windows\SysNative\drivers\pctgntdi64.cat

[2010-05-03 09:55:34 | 000,007,353 | ---- | C] () -- C:\Windows\SysNative\drivers\pctcore64.cat

[2010-05-03 09:29:46 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempvxa980.html

[2010-05-03 09:29:46 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempVwz980.html

[2010-05-03 09:12:44 | 000,002,212 | ---- | C] () -- C:\Users\CuCore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_03.05.2010_09-22.lnk

[2010-05-03 08:49:32 | 000,002,981 | ---- | C] () -- C:\Users\CuCore\Desktop\HiJackThis.lnk

[2010-05-02 18:26:24 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempID4044.html

[2010-05-02 18:26:24 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempaP4044.html

[2010-05-01 14:09:30 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempJm3924.html

[2010-05-01 14:09:30 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempFm3924.html

[2010-05-01 13:27:02 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempmC2912.html

[2010-05-01 13:27:02 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempwm2912.html

[2010-05-01 09:27:57 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempmD3588.html

[2010-05-01 09:27:57 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempVb3588.html

[2010-04-30 19:20:01 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempNf4180.html

[2010-04-30 19:20:01 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempNO4180.html

[2010-04-25 10:48:58 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Pity 2009.lnk

[2010-04-19 23:27:13 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempyv5072.html

[2010-04-19 23:27:13 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempSd5072.html

[2010-04-19 23:08:39 | 000,001,241 | ---- | C] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Zew Prypeci.lnk

[2010-04-19 22:46:58 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Temphz4900.html

[2010-04-19 22:46:58 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempOl4900.html

[2010-04-19 20:17:04 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\Turok.lnk

[2010-04-19 19:11:58 | 000,000,870 | ---- | C] () -- C:\Windows\disney.ini

[2010-04-19 19:11:36 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempVa2684.html

[2010-04-19 19:11:36 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Temple2684.html

[2010-04-19 10:09:17 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempbz2872.html

[2010-04-19 10:09:17 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempHj2872.html

[2010-04-18 19:37:01 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempVU4360.html

[2010-04-18 19:37:01 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempdK4360.html

[2010-04-18 14:14:51 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempZh3380.html

[2010-04-18 14:14:51 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TemprT3380.html

[2010-04-18 12:02:38 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TemppzB848.html

[2010-04-18 12:02:38 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempKBZ848.html

[2010-04-17 19:43:53 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempSw2924.html

[2010-04-17 19:43:53 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempyP2924.html

[2010-04-17 16:47:14 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempWr2216.html

[2010-04-17 16:47:14 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempjt2216.html

[2010-04-17 08:58:24 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempVt1356.html

[2010-04-17 08:58:24 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempct1356.html

[2010-04-16 22:54:49 | 000,002,285 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V.lnk

[2010-04-16 22:44:39 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempgq3568.html

[2010-04-16 22:44:39 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempMw3568.html

[2010-04-16 19:18:32 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempdY3020.html

[2010-04-16 19:18:32 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempjj3020.html

[2010-04-16 14:21:11 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempjK1116.html

[2010-04-16 14:21:11 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempAq1116.html

[2010-04-16 13:17:57 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempJb3312.html

[2010-04-16 13:17:57 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempYw3312.html

[2010-04-16 13:17:12 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempfK2744.html

[2010-04-16 13:17:12 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempMA2744.html

[2010-04-16 11:44:16 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempBk2884.html

[2010-04-16 11:44:16 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempeb2884.html

[2010-04-16 11:33:37 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempkf2704.html

[2010-04-16 11:33:37 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TemphY2704.html

[2010-04-15 19:11:42 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempWM2980.html

[2010-04-15 19:11:42 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempWr2980.html

[2010-04-14 22:14:45 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempJQN852.html

[2010-04-14 22:14:45 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Templqs852.html

[2010-04-14 18:18:10 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempuEj912.html

[2010-04-14 18:18:10 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempUiO912.html

[2010-04-14 14:15:08 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempIi2516.html

[2010-04-14 14:15:08 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Temphc2516.html

[2010-04-13 21:58:15 | 000,026,112 | ---- | C] () -- C:\Users\CuCore\Desktop\4-DNIOWY PROGRAM TRENINGOWY for Krzysiek.doc

[2010-04-13 16:41:53 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempbA2484.html

[2010-04-13 16:41:53 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempYB2484.html

[2010-04-13 12:59:55 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\Hitman - Krwawa Forsa.lnk

[2010-04-13 12:27:51 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempDL2488.html

[2010-04-13 12:27:51 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempYl2488.html

[2010-04-12 23:01:12 | 000,008,588 | ---- | C] () -- C:\Users\CuCore\Desktop\gallery-86172169-500x500.jpg

[2010-04-12 22:34:58 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempgZ3176.html

[2010-04-12 22:34:58 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempfw3176.html

[2010-04-12 19:54:58 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TemptW2504.html

[2010-04-12 19:54:58 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempsm2504.html

[2010-04-12 15:27:27 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempBv2512.html

[2010-04-12 15:27:27 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempFx2512.html

[2010-04-12 14:14:32 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempgH2468.html

[2010-04-12 14:14:32 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempBO2468.html

[2010-04-11 20:03:54 | 000,012,266 | ---- | C] () -- C:\Users\CuCore\Documents\Honor.m3u

[2010-04-11 11:38:24 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempAF2500.html

[2010-04-11 11:38:24 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempek2500.html

[2010-04-10 12:19:09 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempMy2920.html

[2010-04-10 12:19:09 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempXL2920.html

[2010-04-10 12:07:55 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempbQ2560.html

[2010-04-10 12:07:55 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempEw2560.html

[2010-04-10 01:59:41 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempre2536.html

[2010-04-10 01:59:41 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempCI2536.html

[2010-04-09 14:20:55 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Temprj2496.html

[2010-04-09 14:20:55 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempTm2496.html

[2010-04-08 22:33:27 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempGc2492.html

[2010-04-08 22:33:27 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempSq2492.html

[2010-04-08 14:20:00 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempoI2556.html

[2010-04-08 14:20:00 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempjH2556.html

[2010-04-07 22:53:11 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010-04-07 17:48:33 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempwh2488.html

[2010-04-07 17:48:33 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempVy2488.html

[2010-04-07 14:16:42 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Templt2484.html

[2010-04-07 14:16:42 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TemplD2484.html

[2010-04-06 21:36:23 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempJp2488.html

[2010-04-06 21:36:23 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempdD2488.html

[2010-04-06 11:43:01 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempCG2472.html

[2010-04-06 11:43:01 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempto2472.html

[2010-04-05 13:20:57 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempez3796.html

[2010-04-05 13:20:57 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempsF3796.html

[2010-04-05 11:50:34 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempER2484.html

[2010-04-05 11:50:34 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempMv2484.html

[2010-04-05 01:05:14 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempuZz236.html

[2010-04-05 01:05:14 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempqIE236.html

[2010-04-04 21:17:09 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempxR3388.html

[2010-04-04 21:17:09 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\Tempqi3388.html

[2010-04-04 17:12:35 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempMt2848.html

[2010-04-04 17:12:35 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempYb2848.html

[2010-04-04 10:30:34 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempvA2512.html

[2010-04-04 10:30:34 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempFv2512.html

[2010-04-03 21:06:18 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempMW1940.html

[2010-04-03 21:06:18 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TemppT1940.html

[2010-04-03 19:07:37 | 000,002,432 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TempuJ2480.html

[2010-04-03 19:07:37 | 000,002,089 | ---- | C] () -- C:\Users\CuCore\AppData\Local\TemprL2480.html

[2010-03-08 21:25:51 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2010-03-08 21:25:51 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI

[2010-02-26 12:55:23 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini

[2010-02-21 20:37:30 | 001,575,648 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010-02-02 16:59:29 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini

[2010-02-02 15:22:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asrussian.dll

[2010-02-02 15:22:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\askorean.dll

[2010-02-02 15:22:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asjapan.dll

[2010-02-02 15:22:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asgerman.dll

[2010-02-02 15:22:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asfrench.dll

[2010-02-02 15:22:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aseng.dll

[2010-02-02 15:22:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ASCHT.dll

[2010-02-02 15:22:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aschs.dll

[2010-02-02 15:22:40 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

[2010-02-02 15:22:40 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

[2010-02-02 14:44:26 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

[2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009-06-19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[2004-10-11 12:19:00 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\ASUSASV2.DLL

========== LOP Check ==========


[2010-03-15 21:15:42 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\Bioshock

[2010-04-12 22:35:45 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\Gadu-Gadu 10

[2010-02-02 16:11:57 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\GHISLER

[2010-02-03 12:16:17 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\gnupg

[2010-03-27 11:15:39 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\Leadertech

[2010-02-03 13:12:14 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\Panda Security

[2010-05-03 12:35:11 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\PCToolsFirewallPlus

[2010-03-13 11:55:23 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\The Creative Assembly

[2010-04-19 20:17:28 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\Touchstone

[2010-03-18 12:52:19 | 000,000,000 | ---D | M] -- C:\Users\CuCore\AppData\Roaming\XRay Engine

[2010-05-03 08:24:12 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========


@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C31F31E6

< End of report >

Sevard · Maj 3, 2010

Log nie jest pełny, ale nic szkodliwego nie widać.

kobla1 · Maj 3, 2010

Tego brakowało?

OTL Extras logfile created on: 2010-05-03 18:06:59 - Run 1

OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\CuCore\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 38,00% Memory free

8,00 Gb Paging File | 5,00 Gb Available in Paging File | 59,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 390,53 Gb Total Space | 228,29 Gb Free Space | 58,46% Space Free | Partition Type: NTFS

Drive D: | 308,01 Gb Total Space | 254,53 Gb Free Space | 82,64% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: LOGIC-PC

Current User Name: CuCore

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3378817161-1844486315-750288210-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found

Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found

Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{120F2308-86AE-E1BB-E0AE-F598807DFCE5}" = ATI AVIVO64 Codecs

"{3973DD74-2444-1CD4-278A-E7A77E4E53EE}" = ccc-utility64

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel? Matrix Storage Manager

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{C98BBC25-490C-4F3F-81D8-5D12C11732DF}" = Panda Cloud Antivirus

"{E81A0194-0334-07A8-9757-2D0C65BF2F09}" = ATI Catalyst Install Manager

"{FAE188FD-A941-49E9-A5E9-F6D88517EC40}" = Smart Recovery B09.0827.2 (x64)

"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2

"{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver

"{1BC3AF44-D80E-4744-A8E1-9BC540424AC9}" = Turok

"{23887221-512C-8DE0-8FCD-15AFBA0D105C}" = Catalyst Control Center Core Implementation

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 18

"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion

"{3624A532-D480-4043-84C8-114AAA0BED1D}" = Gears of War

"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup

"{3EE1008C-11A1-4F4F-8DB7-27573924DE78}" = DMIView B8.0717.01

"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Zew Prypeci [v1.6.01]

"{442D5880-05B4-4DC8-A038-2EDA79FAE601}" = Warhammer Mark of Chaos Manual Patch

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4ABCCAA5-468D-4668-9C19-78F0D775F4C9}" = Hitman - Krwawa Forsa

"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space?

"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones

"{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.0721.1

"{4E39BA76-09F8-FBA6-25BA-E9A1D9D87547}" = Catalyst Control Center Graphics Previews Vista

"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Jednostki Specjalne

"{558DD876-6EA3-03FF-7BCA-D5F6F0BD504F}" = Catalyst Control Center Graphics Full Existing

"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility

"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX

"{5F374D5D-DB43-4263-9C29-BAB2C93FEFE6}" = Warhammer? Mark of Chaos

"{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack

"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon

"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{73CDCA64-491D-4EA8-CD8B-AE69CE1373F8}" = Catalyst Control Center Localization All

"{765443B7-555F-4E8C-9C96-A52409AE4E4A}" = Utility

"{765F08CB-DCFE-44D1-8CF4-94BDBF307816}" = Touchstone Installer

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online

"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B9.0730.1

"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD

"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007

"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007

"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007

"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007

"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007

"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007

"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007

"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007

"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007

"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007

"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007

"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab

"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE

"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed? Most Wanted

"{A5CCD0C8-6D5E-4515-BDD7-2A22D5D91045}" = Nero 8 Essentials

"{A86409C5-ABB1-901D-7059-889D11F67F2D}" = Catalyst Control Center Graphics Full New

"{A961C6FD-C583-45F6-A0A4-5E4376C29E41}" = Catalyst Control Center - Branding

"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish

"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9

"{AD6B6A15-7605-AC08-4A01-63A968374113}" = CCC Help Polish

"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed? SHIFT

"{C0086B27-8E52-42D4-8393-236391EF18F6}" = Heroes of Might and Magic V

"{C0EA1DDF-896F-426A-A8FC-500743EECC36}" = USB Vibration Joystick

"{C3DF6B7D-BDF3-AC88-F2D2-05FCFC1A66DC}" = ccc-core-static

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CCDDAA87-1C54-B1FB-BD7E-CC910EA7DDB9}" = Catalyst Control Center Graphics Light

"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White? 2

"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock

"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt

"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed? Undercover

"{EEBABD91-2B8C-DB09-17C1-D7B661A040C9}" = Catalyst Control Center InstallProxy

"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin Edycja Rozszerzona

"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2

"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Alone In The Dark_is1" = Alone In The Dark

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Gadu-Gadu 10" = Gadu-Gadu 10

"Guild Wars" = Guild Wars

"InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.0721.1

"InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online

"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor

"InstallShield_{FAE188FD-A941-49E9-A5E9-F6D88517EC40}" = Smart Recovery B09.0827.2 (x64)

"LastFM_is1" = Last.fm 1.5.4.24567

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"Panda Cloud Antivirus" = Panda Cloud Antivirus

"PC Tools Firewall Plus" = PC Tools Firewall Plus 6.0

"Pity 2009_is1" = Pity 2009

"resident evil 4" = resident evil 4

"S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky [v1.0009]

"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005]

"Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed

"Steam App 10500" = Empire: Total War

"Totalcmd" = Total Commander (Remove or Repair)

"VirtualCloneDrive" = VirtualCloneDrive

"Winamp" = Winamp

"xvid" = XviD MPEG-4 Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3378817161-1844486315-750288210-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Winamp Detect" = Detektor Winampa

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 2010-04-19 13:13:10 | Computer Name = Logic-PC | Source = MsiInstaller | ID = 1013

Description =

Error - 2010-04-19 13:58:46 | Computer Name = Logic-PC | Source = SideBySide | ID = 16842832

Description = Nie można wygenerować kontekstu aktywacji dla ?C:\Program Files (x86)\Nero\Nero8\Nero

Toolkit\DiscSpeed.exe?. Błąd w pliku manifestu lub w pliku zasad ?? w wierszu .

Wersja

składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która

jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Składnik

2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error - 2010-04-24 14:33:58 | Computer Name = Logic-PC | Source = SideBySide | ID = 16842832

Description = Nie można wygenerować kontekstu aktywacji dla ?C:\Program Files (x86)\Nero\Nero8\Nero

Toolkit\DiscSpeed.exe?. Błąd w pliku manifestu lub w pliku zasad ?? w wierszu .

Wersja

składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która

jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Składnik

2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error - 2010-04-25 05:19:29 | Computer Name = Logic-PC | Source = EventSystem | ID = 4621

Description =

Error - 2010-04-27 15:53:57 | Computer Name = Logic-PC | Source = SideBySide | ID = 16842832

Description = Nie można wygenerować kontekstu aktywacji dla ?C:\Program Files (x86)\Nero\Nero8\Nero

Toolkit\DiscSpeed.exe?. Błąd w pliku manifestu lub w pliku zasad ?? w wierszu .

Wersja

składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która

jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Składnik

2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error - 2010-04-30 15:53:27 | Computer Name = Logic-PC | Source = Application Error | ID = 1000

Description = Nazwa aplikacji powodującej błąd: javaw.exe, wersja: 6.0.180.7, sygnatura

czasowa: 0x4b2aa6d3 Nazwa modułu powodującego błąd: java.dll, wersja: 6.0.180.7,

sygnatura czasowa: 0x4b2ad748 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00005875

Identyfikator

procesu powodującego błąd: 0x3c0 Godzina uruchomienia aplikacji powodującej błąd:

0x01cae89ecbbdd0ae Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Ścieżka

modułu powodującego błąd: C:\Program Files (x86)\Java\jre6\bin\java.dll Identyfikator

raportu: 0ab7b099-5492-11df-819d-84d8a96dfd18

Error - 2010-05-01 08:39:25 | Computer Name = Logic-PC | Source = SideBySide | ID = 16842832

Description = Nie można wygenerować kontekstu aktywacji dla ?C:\Program Files (x86)\Nero\Nero8\Nero

Toolkit\DiscSpeed.exe?. Błąd w pliku manifestu lub w pliku zasad ?? w wierszu .

Wersja

składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która

jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Składnik

2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error - 2010-05-02 11:04:23 | Computer Name = Logic-PC | Source = Application Error | ID = 1000

Description = Nazwa aplikacji powodującej błąd: nfs.exe, wersja: 1.0.1.17, sygnatura

czasowa: 0x49874e4f Nazwa modułu powodującego błąd: MSVCR80.dll, wersja: 8.0.50727.4927,

sygnatura czasowa: 0x4a2752ff Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000150f0

Identyfikator

procesu powodującego błąd: 0xe68 Godzina uruchomienia aplikacji powodującej błąd:

0x01cae9e8e147b874 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\EA

GAMES\Need for Speed Undercover\nfs.exe Ścieżka modułu powodującego błąd: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b

5\MSVCR80.dll

Identyfikator

raportu: fdabc957-55fb-11df-93f0-e76054525c4b

Error - 2010-05-03 04:03:06 | Computer Name = Logic-PC | Source = Application Hang | ID = 1002

Description = Program fwinstall.tmp w wersji 51.49.0.0 zatrzymał interakcję z systemem

Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji

dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum

akcji. Identyfikator procesu: e60 Godzina rozpoczęcia: 01caea9532cd45a5 Godzina zakończenia:

0 Ścieżka aplikacji: C:\Users\CuCore\AppData\Local\Temp\is-GFG72.tmp\fwinstall.tmp

Identyfikator

raportu:

Error - 2010-05-03 07:11:48 | Computer Name = Logic-PC | Source = pctsSvc.exe | ID = 0

Description =

[ System Events ]

Error - 2010-05-03 03:40:19 | Computer Name = Logic-PC | Source = Service Control Manager | ID = 7000

Description = Nie można uruchomić usługi Usługa interfejsu magazynu sieciowego z

powodu następującego błędu: %%1053

Error - 2010-05-03 03:40:19 | Computer Name = Logic-PC | Source = Service Control Manager | ID = 7001

Description = Usługa Klient DNS zależy od usługi Usługa interfejsu magazynu sieciowego,

której nie można uruchomić z powodu następującego błędu: %%1053

Error - 2010-05-03 03:40:23 | Computer Name = Logic-PC | Source = Service Control Manager | ID = 7001

Description = Usługa Zdalne wywoływanie procedur (RPC) zależy od usługi Program

mapowania punktów końcowych wywołań RPC, której nie można uruchomić z powodu następującego

błędu: %%1062

Error - 2010-05-03 03:40:23 | Computer Name = Logic-PC | Source = Service Control Manager | ID = 7001

Description = Usługa Podstawowy aparat filtrowania zależy od usługi Zdalne wywoływanie

procedur (RPC), której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2010-05-03 03:40:23 | Computer Name = Logic-PC | Source = Service Control Manager | ID = 7001

Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,

której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2010-05-03 03:40:23 | Computer Name = Logic-PC | Source = Service Control Manager | ID = 7009

Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się

z usługą Usługa zasad diagnostyki.

Error - 2010-05-03 03:40:23 | Computer Name = Logic-PC | Source = Service Control Manager | ID = 7000

Description = Nie można uruchomić usługi Usługa zasad diagnostyki z powodu następującego

błędu: %%1053

Error - 2010-05-03 03:40:23 | Computer Name = Logic-PC | Source = Service Control Manager | ID = 7001

Description = Usługa Zdalne wywoływanie procedur (RPC) zależy od usługi Program

mapowania punktów końcowych wywołań RPC, której nie można uruchomić z powodu następującego

błędu: %%1062

Error - 2010-05-03 03:40:23 | Computer Name = Logic-PC | Source = Service Control Manager | ID = 7001

Description = Usługa Podstawowy aparat filtrowania zależy od usługi Zdalne wywoływanie

procedur (RPC), której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2010-05-03 04:19:13 | Computer Name = Logic-PC | Source = VDS Basic Provider | ID = 33554433

Description =

< End of report >

Wracam w sobotę więc w razie czego dopiero wtedy jesli sie okaze że trzeba będę mógł cos zrobic a jesli wszystko jest ok to do zamknięcia.

Sevard · Maj 4, 2010

Hm, jakieś błędy związane z usługami systemowymi. Tu niestety średnio mogę pomóc, bo w usługach Windowsa Seven nie za bardzo się orientuję.

kobla1 · Maj 8, 2010

Hmm.Ok jak narazie działa dobrze.Dzięki za pomoc myślę że temat do zamknięcia.

Sevard · Maj 8, 2010

Problem rozwiązany, więc temat zamykam.

W razie potrzeby otwarcia tematu, proszę o kontakt przez PW.

Zaloguj się

Zarchiwizowany

Rozwiązany: Log Hijack This

Polecane posty

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Link do komentarza

Udostępnij na innych stronach

Kto przegląda 0 użytkowników