Czasem jak klikam w dowolne miejsce na pasku zadań to pojawia mi się błąd eksplorator windows i wszystkie okna się zamykają i pulpit się odświeża 
. Proszę o takie odpowiedzi , żebym dokładnie zrozumiał co mam zrobić,bo nie bardzo się znam. Jak potrzebne są jakieś raporty do sprawdzenia proszę napisać co po kroku ma robić żebym je zobaczył
System:windows vista home premium 32 bity
Laptop: Hp pavilion dv6000
Z góry dzięki 
AndrzejS123 ,
Zapoznaj się z tematem i popraw tytuł tematu na konkretny, mówiący o problemie. W celu dokonania zaleconej korekty proszę użyć przycisku Edytuj przy poście otwierającym ten temat.
Zignorowanie zalecenia będzie skutkowało usunięciem tematu do Kosza.
Podaj log z OTL, instrukcję dostarczania znajdziesz w przyklejonym wątku w dziale bezpieczeństwo.
Od kiedy tak masz? Samo z siebie, czy coś instalowałeś/usuwałeś/zmieniałeś?
Pozdrawiam!
Według mnie samo z siebie bo kiedyś robiłem format i jak pierwszy raz nacisnąłem na dysk D to wyskoczył ten błąd . A potem tam już nie wyskakiwał tylko na pasku zadań . Teraz wyskakuje mi czasem na pasku zadań i czasem jak mi się jakiekolwiek okno zawiesza. Możesz wsłać mi link do tej instrukcji bo nie mogę znaleźć.
Dzięki za pomoc 
Mój kod z OTL :
OTL logfile created on: 2011-09-29 14:58:48 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\coś\ikony\programy
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,10 Gb Total Space | 91,09 Gb Free Space | 41,20% Space Free | Partition Type: NTFS
Drive D: | 11,78 Gb Total Space | 2,01 Gb Free Space | 17,05% Space Free | Partition Type: NTFS
Computer Name: ANDRZEJS-PC | User Name: Andrzej S | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-09-20 05:07:40 | 001,030,200 | ---- | M] (Google Inc.) – C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011-09-06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) – C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011-07-07 12:13:58 | 000,543,821 | ---- | M] () – C:\Users\Andrzej S\AppData\Local\Temp\Temp1_memboost.zip\memboost-1751755\memBoost.exe
PRC - [2011-07-05 13:28:30 | 000,575,488 | ---- | M] (OldTimer Tools) – C:\coś\ikony\programy\OTL.exe
PRC - [2009-04-10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe
PRC - [2008-01-21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) – C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007-10-24 12:02:14 | 000,178,712 | ---- | M] (Intel Corporation) – C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007-10-09 18:59:30 | 004,702,208 | ---- | M] (Realtek Semiconductor) – C:\WINDOWS\RtHDVCpl.exe
PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () – C:\Program Files\RocketDock\RocketDock.exe
========== Modules (SafeList) ==========
MOD - [2011-09-06 22:45:26 | 000,199,792 | ---- | M] (AVAST Software) – C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2011-07-05 13:28:30 | 000,575,488 | ---- | M] (OldTimer Tools) – C:\coś\ikony\programy\OTL.exe
MOD - [2009-04-10 23:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008-01-21 04:24:06 | 000,039,936 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\dwmapi.dll
========== Win32 Services (SafeList) ==========
SRV - [2011-09-06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe – (avast! Antivirus)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] – C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe – (McComponentHostService)
SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\WINDOWS\System32\FntCache.dll – (FontCache)
SRV - [2008-02-18 07:49:12 | 001,245,064 | ---- | M] () [On_Demand | Running] – C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe – (Symantec Core LC)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
SRV - [2007-10-24 12:02:16 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] – C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe – (IAANTMON) Intel®
SRV - [2007-08-25 06:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] – c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe – (LiveUpdate Notice)
SRV - [2007-08-25 06:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] – c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe – (CLTNetCnService)
SRV - [2007-08-25 06:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] – c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe – (ccSetMgr)
SRV - [2007-08-25 06:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] – c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe – (ccEvtMgr)
SRV - [2007-08-23 21:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] – c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE – (LiveUpdate)
SRV - [2007-08-23 21:35:00 | 000,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] – c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe – (Automatic LiveUpdate Scheduler)
SRV - [2007-08-22 08:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] – c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe – (comHost)
SRV - [2007-05-31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\WINDOWS\WindowsMobile\wcescomm.dll – (WcesComm)
SRV - [2007-05-31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\WINDOWS\WindowsMobile\rapimgr.dll – (RapiMgr)
SRV - [2007-03-05 19:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] – C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe – (Com4Qlb)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] – C:\Windows\System32\DRIVERS\nwlnkfwd.sys – (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] – C:\Windows\System32\DRIVERS\nwlnkflt.sys – (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] – C:\Windows\System32\DRIVERS\ipinip.sys – (IpInIp)
DRV - [2011-09-06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] – C:\Windows\System32\drivers\aswSnx.sys – (aswSnx)
DRV - [2011-09-06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\System32\drivers\aswSP.sys – (aswSP)
DRV - [2011-09-06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\System32\drivers\aswRdr.sys – (aswRdr)
DRV - [2011-09-06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\System32\drivers\aswTdi.sys – (aswTdi)
DRV - [2011-09-06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] – C:\WINDOWS\System32\drivers\aswMonFlt.sys – (aswMonFlt)
DRV - [2011-09-06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] – C:\Windows\System32\drivers\aswFsBlk.sys – (aswFsBlk)
DRV - [2010-04-07 18:45:37 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\seehcri.sys – (seehcri)
DRV - [2010-04-07 18:44:37 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\ggsemc.sys – (ggsemc)
DRV - [2010-04-07 18:44:37 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\ggflt.sys – (ggflt)
DRV - [2009-04-10 21:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\winusb.sys – (winusb)
DRV - [2009-03-13 13:50:18 | 001,095,808 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\smserial.sys – (smserial)
DRV - [2008-03-28 02:06:00 | 000,199,472 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\SynTP.sys – (SynTP)
DRV - [2008-02-18 07:51:05 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\SYMEVENT.SYS – (SymEvent)
DRV - [2008-02-11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\igdkmd32.sys – (igfx)
DRV - [2008-01-21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\megasr.sys – (MegaSR)
DRV - [2008-01-21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\adpu320.sys – (adpu320)
DRV - [2008-01-21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\megasas.sys – (megasas)
DRV - [2008-01-21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\adpu160m.sys – (adpu160m)
DRV - [2008-01-21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\sisraid4.sys – (SiSRaid4)
DRV - [2008-01-21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\hpcisss.sys – (HpCISSs)
DRV - [2008-01-21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\adpahci.sys – (adpahci)
DRV - [2008-01-21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\lsi_sas.sys – (LSI_SAS)
DRV - [2008-01-21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\ql2300.sys – (ql2300)
DRV - [2008-01-21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\E1G60I32.sys – (E1G60) Intel®
DRV - [2008-01-21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\arcsas.sys – (arcsas)
DRV - [2008-01-21 04:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\VSTCNXT3.SYS – (winachsf)
DRV - [2008-01-21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\iastorv.sys – (iaStorV)
DRV - [2008-01-21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\vsmraid.sys – (vsmraid)
DRV - [2008-01-21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\ulsata2.sys – (ulsata2)
DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\lsi_scsi.sys – (LSI_SCSI)
DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\lsi_fc.sys – (LSI_FC)
DRV - [2008-01-21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\arc.sys – (arc)
DRV - [2008-01-21 04:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\VSTDPV3.SYS – (HSF_DPV)
DRV - [2008-01-21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\elxstor.sys – (elxstor)
DRV - [2008-01-21 04:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\VSTAZL3.SYS – (HSFHWAZL)
DRV - [2008-01-21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\adp94xx.sys – (adp94xx)
DRV - [2008-01-21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\nvraid.sys – (nvraid)
DRV - [2008-01-21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\nvstor.sys – (nvstor)
DRV - [2008-01-21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\uliahci.sys – (uliahci)
DRV - [2008-01-21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\viaide.sys – (viaide)
DRV - [2008-01-21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\cmdide.sys – (cmdide)
DRV - [2008-01-21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\aliide.sys – (aliide)
DRV - [2007-11-05 11:00:00 | 000,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\ProgramData\Symantec\Definitions\VirusDefs\20071105.016\NAVEX15.SYS – (NAVEX15)
DRV - [2007-11-05 11:00:00 | 000,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\ProgramData\Symantec\Definitions\VirusDefs\20071105.016\NAVENG.SYS – (NAVENG)
DRV - [2007-10-09 18:49:58 | 001,970,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\RTKVHDA.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-10-08 22:26:28 | 001,044,472 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\BCMWL6.SYS – (BCM43XX)
DRV - [2007-10-08 22:26:28 | 001,044,472 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\BCMWL6.SYS – (BCM43XV)
DRV - [2007-09-30 01:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] – C:\Windows\system32\DRIVERS\iaStor.sys – (iaStor)
DRV - [2007-09-18 15:12:28 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\btwavdt.sys – (btwavdt)
DRV - [2007-09-18 15:12:28 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\btwaudio.sys – (btwaudio)
DRV - [2007-09-18 15:12:28 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\btwrchid.sys – (btwrchid)
DRV - [2007-09-18 01:17:36 | 000,098,816 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\Rtlh86.sys – (RTL8169)
DRV - [2007-08-17 22:23:00 | 000,446,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys – (SPBBCDrv)
DRV - [2007-08-15 22:27:00 | 000,180,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20070823.002\IDSvix86.sys – (IDSvix86)
DRV - [2007-08-13 21:50:00 | 000,188,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Windows\System32\Drivers\SYMTDI.SYS – (SYMTDI)
DRV - [2007-08-13 21:50:00 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\Drivers\SYMREDRV.SYS – (SYMREDRV)
DRV - [2007-08-10 01:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\SymIM.sys – (SymIMMP)
DRV - [2007-08-10 01:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\SymIM.sys – (SymIM)
DRV - [2007-08-09 00:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] – C:\WINDOWS\System32\drivers\CO_Mon.sys – (CO_Mon)
DRV - [2007-07-31 07:43:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\srtspl.sys – (SRTSPL)
DRV - [2007-07-31 07:43:00 | 000,278,576 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] – C:\WINDOWS\System32\drivers\srtsp.sys – (SRTSP)
DRV - [2007-07-31 07:43:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\srtspx.sys – (SRTSPX)
DRV - [2007-07-11 19:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\HpqRemHid.sys – (HpqRemHid)
DRV - [2007-06-19 09:51:20 | 000,107,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\s816mdm.sys – (s816mdm)
DRV - [2007-06-19 09:51:18 | 000,013,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\s816mdfl.sys – (s816mdfl)
DRV - [2007-06-19 09:51:16 | 000,081,832 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\s816bus.sys – (s816bus) Sony Ericsson Device 816 driver (WDM)
DRV - [2007-06-19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\drivers\HpqKbFiltr.sys – (HpqKbFiltr)
DRV - [2007-03-22 07:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] – C:\WINDOWS\System32\drivers\rixdptsk.sys – (rismxdp)
DRV - [2007-02-24 23:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] – C:\WINDOWS\System32\drivers\rimmptsk.sys – (rimmptsk)
DRV - [2007-01-24 01:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] – C:\WINDOWS\System32\drivers\rimsptsk.sys – (rimsptsk)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\ql40xx.sys – (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\ulsata.sys – (UlSata)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\nfrd960.sys – (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\iirsp.sys – (iirsp)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\djsvs.sys – (aic78xx)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\iteraid.sys – (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\iteatapi.sys – (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\symc8xx.sys – (Symc8xx)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\sym_u3.sys – (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\mraid35x.sys – (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\sym_hi.sys – (Sym_hi)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\brserid.sys – (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\drivers\brusbser.sys – (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\drivers\brfiltup.sys – (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\drivers\brfiltlo.sys – (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\brserwdm.sys – (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\brusbmdm.sys – (BrUsbMdm)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\ntrigdigi.sys – (ntrigdigi)
DRV - [2006-11-02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\System32\drivers\nvm60x32.sys – (NVENETFD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= … &pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{7B53DCEF-12C5-423A-99E3-5FEF783587D1}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= … &pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{7B53DCEF-12C5-423A-99E3-5FEF783587D1}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU…\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKCU…\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Hyperionics DB Toolbar\tbhelper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin [2011-01-29 15:59:12 | 000,000,000 | —D | M]
[2010-07-02 14:30:58 | 000,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions
[2010-07-02 14:15:39 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-07-02 14:15:25 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll ()
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM…\Toolbar: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll ()
O3 - HKLM…\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU…\Toolbar\WebBrowser: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll ()
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM…\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM…\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM…\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM…\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU…\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Andrzej S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rizone Memory Booster.lnk = C:\Users\Andrzej S\AppData\Local\Temp\Temp1_memboost.zip\memboost-1751755\memBoost.exe ()
O8 - Extra context menu item: Send image to &Bluetooth Device… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra ‘Tools’ menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU…Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-02-18 08:28:10 | 000,000,074 | ---- | M] () - C:\autoexec.bat – [NTFS]
O32 - AutoRun File - [2005-09-11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE – [NTFS]
O33 - MountPoints2{24343d1f-b1fd-11e0-ae27-a2d207d257c4}\Shell\AutoRun\command - “” = G:\USBNB.exe – File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM…comfile [open] – “%1” %*
O35 - HKLM…exefile [open] – “%1” %*
O37 - HKLM…com [@ = comfile] – “%1” %*
O37 - HKLM…exe [@ = exefile] – “%1” %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe - (McAfee, Inc.)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ccApp - hkey= - key= - c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found
MsConfig - StartUpReg: HP Health Check Scheduler - hkey= - key= - File not found
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: hpqSRMon - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
MsConfig - StartUpReg: hpWirelessAssistant - hkey= - key= - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpReg: IgfxTray - hkey= - key= - File not found
MsConfig - StartUpReg: isCfgWiz - hkey= - key= - c:\Program Files\Common Files\Symantec Shared\OPC{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe (Symantec Corporation)
MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: OnScreenDisplay - hkey= - key= - C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe ( Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpReg: Persistence - hkey= - key= - File not found
MsConfig - StartUpReg: QlbCtrl - hkey= - key= - File not found
MsConfig - StartUpReg: QPService - hkey= - key= - C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
MsConfig - StartUpReg: SMSERIAL - hkey= - key= - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
MsConfig - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: WAWifiMessage - hkey= - key= - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpReg: Windows Mobile Device Center - hkey= - key= - C:\WINDOWS\WindowsMobile\wmdc.exe (Microsoft Corporation)
MsConfig - State: “bootini” - 2
MsConfig - State: “startup” - 2
MsConfig - State: “services” - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
========== Files/Folders - Created Within 30 Days ==========
[2011-09-28 17:53:35 | 024,821,896 | ---- | C] (Skype Technologies S.A.) – C:\Users\Andrzej S\Desktop\SkypeSetupFull (1).exe
[2011-09-24 16:59:11 | 000,000,000 | —D | C] – C:\coś
[2011-09-21 15:46:19 | 000,000,000 | —D | C] – C:\Program Files\RocketDock
[2011-08-31 18:38:34 | 000,000,000 | —D | C] – C:\karta se
[1 C:\Windows*.tmp files -> C:\Windows*.tmp ->]
========== Files - Modified Within 30 Days ==========
[2011-09-29 15:02:00 | 000,001,042 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-09-29 14:59:40 | 002,883,584 | -HS- | M] () – C:\Users\Andrzej S\ntuser.dat
[2011-09-29 13:51:26 | 007,073,290 | ---- | M] () – C:\Windows\System32\perfh009.dat
[2011-09-29 13:51:25 | 006,343,232 | ---- | M] () – C:\Windows\System32\perfc009.dat
[2011-09-29 13:51:24 | 000,004,888 | ---- | M] () – C:\Windows\System32\PerfStringBackup.INI
[2011-09-29 13:44:50 | 000,001,038 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-09-29 13:44:33 | 000,000,006 | -H-- | M] () – C:\Windows\tasks\SA.DAT
[2011-09-29 13:44:31 | 000,003,216 | -H-- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-09-29 13:44:31 | 000,003,216 | -H-- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-09-29 13:44:22 | 000,067,584 | --S- | M] () – C:\Windows\bootstat.dat
[2011-09-29 13:44:18 | 3211,190,272 | -HS- | M] () – C:\hiberfil.sys
[2011-09-29 01:32:57 | 000,524,288 | -HS- | M] () – C:\Users\Andrzej S\ntuser.dat{3955a2a8-f243-11df-a823-82b328e8d3ce}.TMContainer00000000000000000001.regtrans-ms
[2011-09-29 01:32:57 | 000,065,536 | -HS- | M] () – C:\Users\Andrzej S\ntuser.dat{3955a2a8-f243-11df-a823-82b328e8d3ce}.TM.blf
[2011-09-29 01:32:53 | 004,468,837 | -H-- | M] () – C:\Users\Andrzej S\AppData\Local\IconCache.db
[2011-09-28 17:53:36 | 024,821,896 | ---- | M] (Skype Technologies S.A.) – C:\Users\Andrzej S\Desktop\SkypeSetupFull (1).exe
[2011-09-25 00:14:30 | 000,118,272 | ---- | M] () – C:\Users\Andrzej S\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-09-14 15:13:02 | 000,002,577 | ---- | M] () – C:\Windows\System32\config.nt
[2011-09-06 22:45:29 | 000,199,304 | ---- | M] (AVAST Software) – C:\Windows\System32\aswBoot.exe
[2011-09-06 22:45:29 | 000,041,184 | ---- | M] (AVAST Software) – C:\Windows\avastSS.scr
[2011-09-06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswSnx.sys
[2011-09-06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswSP.sys
[2011-09-06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswRdr.sys
[2011-09-06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswTdi.sys
[2011-09-06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswMonFlt.sys
[2011-09-06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswFsBlk.sys
[1 C:\Windows*.tmp files -> C:\Windows*.tmp ->]
========== Files Created - No Company Name ==========
[2011-05-02 19:25:10 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempOB6040.html
[2011-04-25 18:09:05 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempOf5536.html
[2011-01-15 14:33:54 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempkA5792.html
[2011-01-01 11:47:09 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempwW6100.html
[2010-12-23 22:27:36 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempZD5456.html
[2010-12-23 14:31:48 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempKy4808.html
[2010-11-25 17:08:07 | 004,468,837 | -H-- | C] () – C:\Users\Andrzej S\AppData\Local\IconCache.db
[2010-11-01 18:56:16 | 000,469,605 | ---- | C] () – C:\Program Files\unconfirmed 52534.crdownload
[2010-10-28 15:48:07 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempyD5168.html
[2010-10-25 20:59:49 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempaU5532.html
[2010-10-25 20:54:56 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempFS1672.html
[2010-10-25 20:54:56 | 000,002,089 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\Tempje1672.html
[2010-09-13 14:23:17 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempTE4636.html
[2010-09-13 14:21:02 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\Tempab5412.html
[2010-09-13 14:21:02 | 000,002,089 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempVN5412.html
[2010-09-01 15:35:21 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempFK3984.html
[2010-08-31 16:55:42 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempiJ1512.html
[2010-08-30 13:39:08 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempiC1792.html
[2010-08-30 12:47:03 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempqN1532.html
[2010-08-29 14:50:38 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\Tempah5712.html
[2010-08-19 12:11:56 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempZs4732.html
[2010-08-18 14:42:23 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempKX4936.html
[2010-08-18 11:26:41 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempRm5812.html
[2010-08-17 19:54:33 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempDb2992.html
[2010-08-17 10:11:27 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempGN4928.html
[2010-08-17 10:11:27 | 000,002,089 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempYS4928.html
[2010-08-15 17:23:14 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempUN3368.html
[2010-08-14 09:32:29 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempAe5032.html
[2010-08-13 18:33:21 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempMe4932.html
[2010-08-11 21:30:29 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempSW3140.html
[2010-08-11 21:24:51 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\Tempwj4240.html
[2010-08-11 21:15:46 | 000,002,432 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\TempdS5440.html
[2010-07-26 10:13:40 | 000,108,032 | ---- | C] () – C:\Windows\System32\ff_vfw.dll
[2010-07-06 18:05:02 | 000,000,066 | ---- | C] () – C:\Windows#1 Video Converter.INI
[2010-06-23 12:35:52 | 000,790,528 | ---- | C] () – C:\Windows\System32\xvidcore.dll
[2010-06-23 12:35:52 | 000,134,144 | ---- | C] () – C:\Windows\System32\xvidvfw.dll
[2010-04-25 23:44:38 | 000,000,118 | ---- | C] () – C:\Windows\System32\MRT.INI
[2010-04-18 21:08:26 | 000,000,266 | RHS- | C] () – C:\ProgramData\ntuser.pol
[2010-04-16 19:44:07 | 000,117,248 | ---- | C] () – C:\Windows\System32\EhStorAuthn.dll
[2010-04-16 19:43:41 | 000,368,640 | ---- | C] () – C:\Windows\System32\msjetoledb40.dll
[2010-04-01 20:48:27 | 000,058,792 | ---- | C] () – C:\Windows\System32\wbload.dll
[2010-03-28 01:17:17 | 000,118,272 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-25 04:44:05 | 000,001,356 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\d3d9caps.dat
[2010-03-23 05:31:36 | 000,000,000 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\QSwitch.txt
[2010-03-23 05:31:36 | 000,000,000 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\DSwitch.txt
[2010-03-23 05:31:36 | 000,000,000 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\AtStart.txt
[2010-03-23 05:31:23 | 000,079,072 | ---- | C] () – C:\Users\Andrzej S\AppData\Local\GDIPFONTCACHEV1.DAT
[2009-08-16 10:08:36 | 000,178,176 | ---- | C] () – C:\Windows\System32\unrar.dll
[2008-09-13 00:21:02 | 000,000,547 | ---- | C] () – C:\Windows\System32\ff_vfw.dll.manifest
[2008-04-21 05:42:26 | 000,016,480 | ---- | C] () – C:\Windows\System32\rixdicon.dll
[2008-02-18 08:42:52 | 000,001,111 | ---- | C] () – C:\ProgramData\hpzinstall.log
[2008-02-11 19:55:18 | 000,147,456 | ---- | C] () – C:\Windows\System32\igfxCoIn_v1437.dll
[2008-01-21 04:24:38 | 000,060,124 | ---- | C] () – C:\Windows\System32\tcpmon.ini
[2007-09-13 17:31:06 | 000,147,456 | ---- | C] () – C:\Windows\System32\igfxCoIn_v1329.dll
[2007-09-13 17:22:46 | 001,238,832 | ---- | C] () – C:\Windows\System32\igmedkrn.dll
[2007-09-13 17:22:46 | 000,104,636 | ---- | C] () – C:\Windows\System32\igmedcompkrn.dll
[2007-09-05 21:52:04 | 000,389,120 | ---- | C] () – C:\Windows\System32\btwhidcs.dll
[2007-02-05 20:05:26 | 000,000,038 | ---- | C] () – C:\Windows\AviSplitter.INI
[2006-11-02 14:50:50 | 000,000,174 | -HS- | C] () – C:\Program Files\desktop.ini
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () – C:\Windows\System32\sysprepMCE.dll
[2006-11-02 12:33:01 | 000,004,888 | ---- | C] () – C:\Windows\System32\PerfStringBackup.INI
[2006-11-02 12:24:31 | 000,001,405 | ---- | C] () – C:\Windows\msdfmap.ini
[2006-11-02 12:23:31 | 000,000,258 | ---- | C] () – C:\Windows\win.ini
[2006-11-02 12:23:31 | 000,000,219 | ---- | C] () – C:\Windows\system.ini
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () – C:\Windows\System32\pacerprf.ini
[2006-11-02 09:09:45 | 000,027,097 | ---- | C] () – C:\Windows\System32\country.sys
[2006-11-02 09:09:44 | 000,042,809 | ---- | C] () – C:\Windows\System32\KEY01.SYS
[2006-11-02 09:09:44 | 000,042,537 | ---- | C] () – C:\Windows\System32\KEYBOARD.SYS
[2006-11-02 09:09:42 | 000,009,029 | ---- | C] () – C:\Windows\System32\ANSI.SYS
[2006-11-02 09:09:41 | 000,004,768 | ---- | C] () – C:\Windows\System32\HIMEM.SYS
[2006-11-02 09:09:40 | 000,029,274 | ---- | C] () – C:\Windows\System32\NTDOS412.SYS
[2006-11-02 09:09:38 | 000,029,370 | ---- | C] () – C:\Windows\System32\NTDOS411.SYS
[2006-11-02 09:09:35 | 000,029,146 | ---- | C] () – C:\Windows\System32\NTDOS404.SYS
[2006-11-02 09:09:31 | 000,029,146 | ---- | C] () – C:\Windows\System32\NTDOS804.SYS
[2006-11-02 09:09:29 | 000,027,866 | ---- | C] () – C:\Windows\System32\NTDOS.SYS
[2006-11-02 09:09:26 | 000,035,536 | ---- | C] () – C:\Windows\System32\NTIO412.SYS
[2006-11-02 09:09:24 | 000,035,776 | ---- | C] () – C:\Windows\System32\NTIO411.SYS
[2006-11-02 09:09:23 | 000,034,672 | ---- | C] () – C:\Windows\System32\NTIO404.SYS
[2006-11-02 09:09:22 | 000,034,672 | ---- | C] () – C:\Windows\System32\NTIO804.SYS
[2006-11-02 09:09:20 | 000,033,952 | ---- | C] () – C:\Windows\System32\NTIO.SYS
[2006-11-02 08:25:08 | 000,013,312 | ---- | C] () – C:\Windows\System32\win87em.dll
[2006-03-09 11:58:00 | 001,060,424 | ---- | C] () – C:\Windows\System32\WdfCoInstaller01000.dll
[2001-11-14 22:56:00 | 001,802,240 | ---- | C] () – C:\Windows\System32\lcppn21.dll
========== LOP Check ==========
[2010-07-07 11:20:31 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\AnvSoft
[2010-04-05 02:08:02 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\Eitbit
[2010-11-01 19:55:14 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\flightgear.org
[2010-10-30 22:26:44 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\fltk.org
[2010-11-16 17:36:20 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\FreeAudioPack
[2010-08-11 21:24:46 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\Gadu-Gadu 10
[2011-08-20 21:14:04 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\gtk-2.0
[2011-06-18 20:47:32 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\ipla
[2010-04-05 20:40:16 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\IrfanView
[2010-04-01 20:55:56 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\OpenCandy
[2010-08-11 21:22:36 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\OpenFM
[2010-04-05 20:45:14 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\PhotoFiltre
[2011-06-18 20:55:33 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\RDRM
[2010-07-02 14:31:28 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\Stykz
[2010-09-30 16:10:36 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\Teleca
[2010-08-03 11:25:33 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\VistaCodecs
[2011-04-25 17:19:37 | 000,000,000 | —D | M] – C:\Users\Andrzej S\AppData\Roaming\VSO
[2011-09-29 01:32:59 | 000,032,608 | ---- | M] () – C:\WINDOWS\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %systemdrive%*.* >
[2008-02-18 08:28:10 | 000,000,074 | ---- | M] () – C:\autoexec.bat
[2009-04-10 23:36:38 | 000,333,257 | RHS- | M] () – C:\bootmgr
[2006-09-18 23:43:37 | 000,000,010 | ---- | M] () – C:\config.sys
[2011-09-29 13:44:18 | 3211,190,272 | -HS- | M] () – C:\hiberfil.sys
[2010-10-30 18:13:06 | 000,000,000 | RHS- | M] () – C:\IO.SYS
[2008-02-18 08:05:21 | 000,000,383 | -H-- | M] () – C:\IPH.PH
[2010-10-30 18:13:06 | 000,000,000 | RHS- | M] () – C:\MSDOS.SYS
[2011-09-29 13:44:16 | 3524,980,736 | -HS- | M] () – C:\pagefile.sys
< MD5 for: AGP440.SYS >
[2008-01-19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 – C:\7c97dccfed9d8bccad04263c80\d9873ef90b33e9c99198\b6efc6050f58c7a3499cc23dc1f598\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\agp440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 – C:\WINDOWS\System32\drivers\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 – C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 – C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 – C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 – C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 – C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 – C:\WINDOWS\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 – C:\WINDOWS\System32\drivers\atapi.sys
[2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 – C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 – C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 – C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 – C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F – C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: BEEP.SYS >
[2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 – C:\WINDOWS\System32\drivers\beep.sys
[2008-01-21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 – C:\WINDOWS\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
< MD5 for: CDROM.SYS >
[2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 – C:\WINDOWS\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 – C:\WINDOWS\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 – C:\WINDOWS\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2009-04-10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 – C:\WINDOWS\System32\drivers\cdrom.sys
[2009-04-10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 – C:\WINDOWS\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009-04-10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 – C:\WINDOWS\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 – C:\WINDOWS\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: NDIS.SYS >
[2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 – C:\WINDOWS\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2009-04-10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 – C:\WINDOWS\System32\drivers\ndis.sys
[2009-04-10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 – C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008-01-21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 – C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: USERINIT.EXE >
[2008-01-21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 – C:\WINDOWS\System32\userinit.exe
[2008-01-21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 – C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 – C:\WINDOWS\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 – C:\WINDOWS\System32\winlogon.exe
[2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 – C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 – C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\Andrzej S\Desktop\Aloe+Blacc+performing+_I+Need+A+Dollar_+on+KCRW.flv:TOC.WMV
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3553E6B8
< End of report >