trojan blocque mon acces a internet [Résolu]

Voila j'ai un probleme, je ne peux pas acceder a internet je pense avoir un trojan? je suis nul en informatique quelqu'un peut il m'aider? Un grand MERCI par avance. Voici mon scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:32:49, on 2011-05-03
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\WINDOWS\system32\java.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\BVRP Connection Manager\NomadSvr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Application Policy Service\svchost.exe
C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Application Policy Service\svchost.exe
C:\Documents and Settings\Charles\Pulpit\SCAN CM.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:51939
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang PL
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent
O4 - HKLM\..\Run: [Memeo Send] C:\Program Files\Memeo\Memeo Send\MemeoLauncher.exe --silent
O4 - HKLM\..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243766058250
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F2DFDA1-8272-4760-96B4-876136719B4C}: NameServer = 208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F2DFDA1-8272-4760-96B4-876136719B4C}: NameServer = 208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F2DFDA1-8272-4760-96B4-876136719B4C}: NameServer = 208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Usługa konfiguracji Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Application Policy Service - Unknown owner - C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Application Policy Service\svchost.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\BVRP Connection Manager\NomadSvr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe

--
End of file - 12713 bytes

Salut,

Il y a bien infection sur la machine. Quelle est cette version de windows :

Je n'ai pas trouvé grand-chose de concret sur le net.

Fill

Merci Pill de bien vouloir m'aider. C'est une version polonaise.

hello,

en passant...
jamais vu cette version exotique de XP

je partage l'avis de Fill au point de vue infection....

Continue à suivre les instructions de Fill.
Je te conseille toutefois de me virer cette version et de la remplacer par une plus conventionnelle....
Ici je ne vire pas ceux qui utilisent des versions piratées, mais je me dois de suggérer avec insistance de ne pas continuer dans cette voie ...

winx

Hello Winx,

D'après ce que j'ai lu, c'est une version polonaise légale.

* Télécharge OTS de Old_Timer sur ton Bureau,
* Désactive temporairement ton antivirus (pas le pare-feu).
* !! Tu dois avoir ouvert un compte disposant de droits administrateurs pour exécuter le programme !!
* Ferme tous les autres programmes à l'exception du navigateur,
* Fais un double-clic sur le fichier OTS.exe (si tu es sous Vista, fais un clic droit sur OTS.exe et choisis d'exécuter en tant qu'administrateur),
* Dans la rubrique "Additional Scans" à droite, clique sur "Extras"
* Coche ces rubriques : Drivers32, Disabled MSConfig Items, NetSvcs, Safe boot Minimal et Safe Boot NetWork.
* Fais un copier/coller de ce texte dans la zone "Custom Scans" :

* Ne modifie aucun autre paramètre,
* Ensuite, clique sur le bouton Run Scan dans la barre d'outils,
* Laisse le programme tourner sans intervenir,
* Lorsque l'analyse est terminée, le bloc-note va s'ouvrir avec le rapport d'analyse.
* Cliquer sur le menu Format et vérifier que Retour automatique à la ligne n'est pas coché.
* Edite le rapport, en plusieurs si nécessaire si un message d'erreur apparait dans ta prochaine réponse quand tu veux le coller sur le forum.
* Vérifie que la 1ère ligne et la dernière ligne du rapport édité est [code]
* Réactive l'antivirus.
* Le rapport étant très long, tu peux m’envoyer celui-ci via : http://www.zshare.net/
Clique sur Parcourir , va "chercher" ton rapport OTS.txt puis coche "I have read ..." puis clique sur Share it
Attends un peu puis copie-colle ici le lien en bleu qui va apparaître dans un petit rectangle.

Fill

Rebonjour Fill,
Pour repondre a la question mon windows m'a ete fourni avec le Toshiba que j'ai achete en 2006 en Pologne. Je vis dans ce pays depuis un certain temps et ceci explique cela!
Pour revenir a mon probleme comme je te l'ai dit je suis NUL en informatique et donc je voudrai savoir ou trouver "OTS de Old_Timer" et comment ouvrir le " compte disposant de droits administrateurs pour exécuter le programme " Pour le reste je crois que je peux le faire. Je remercie aussi Wins de se pencher sur mon probleme. Mtz PS excusez moi pour la ponctuation j'ai un clavier qwerty

Rebonjour Fill,
Pour repondre a la question mon windows m'a ete fourni avec le Toshiba que j'ai achete en 2006 en Pologne. Je vis dans ce pays depuis un certain temps et ceci explique cela!
Pour revenir a mon probleme comme je te l'ai dit je suis NUL en informatique et donc je voudrai savoir ou trouver "OTS de Old_Timer" et comment ouvrir le " compte disposant de droits administrateurs pour exécuter le programme " Pour le reste je crois que je peux le faire. Je remercie aussi Wins de se pencher sur mon probleme. Mtz PS excusez moi pour la ponctuation j'ai un clavier qwerty

Salut,

Il te suffit de cliquer sur OTS dans mon précédent message. Le téléchargement se fera automatiquement.

Pour la session, on va essayer avec ta session habituelle.

Fill

De quel texte dois je copier et coller dans custom Scans? et comment faire?

De plus Fill quand je click sur extras il y a des Reg qui se cochent automatiquement

re,

merci de l'info Fill

?????????

Re,

C'est ceci que tu dois copier/coller dans Custom scans :
C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Application Policy Service\*.* /s

Pour les cases qui se cochent, c'est normal.

Fill

ok Fill je fais tout ceci et je te l'envoie. MTZ

Fill, voici le rapport:
[code]
OTS logfile created on: 2011-05-04 21:01:25 - Run 1
OTS by OldTimer - Version 3.1.42.0 Folder = C:\Documents and Settings\Charles\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

734,00 Mb Total Physical Memory | 362,00 Mb Available Physical Memory | 49,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): C:\pagefile.sys 1104 2208 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 32,78 Gb Free Space | 21,99% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 3,84 Gb Total Space | 3,41 Gb Free Space | 88,98% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOSHIBA
Current User Name: Charles
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Charles\Pulpit\OTS.exe -> [2011-05-04 19:26:50 | 000,645,632 | ---- | M] (OldTimer Tools)
svchost.exe -> C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Application Policy Service\svchost.exe -> [2011-05-01 15:19:12 | 001,505,280 | ---- | M] ()
divxupdate.exe -> C:\Program Files\DivX\DivX Update\DivXUpdate.exe -> [2011-03-21 23:10:00 | 001,230,704 | ---- | M] ()
java.exe -> C:\WINDOWS\system32\java.exe -> [2011-02-02 22:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
soffice.exe -> C:\Program Files\OpenOffice.org 3\program\soffice.exe -> [2011-01-17 17:37:42 | 011,322,880 | ---- | M] (OpenOffice.org)
soffice.bin -> C:\Program Files\OpenOffice.org 3\program\soffice.bin -> [2011-01-17 17:37:42 | 011,314,688 | ---- | M] (OpenOffice.org)
memeobackgroundservice.exe -> C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -> [2010-07-28 19:21:16 | 000,025,824 | ---- | M] (Memeo)
rainlendar2.exe -> C:\Program Files\Rainlendar2\Rainlendar2.exe -> [2010-07-11 11:42:46 | 002,199,040 | ---- | M] ()
memeodashboard.exe -> C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe -> [2010-04-30 16:47:00 | 000,069,896 | ---- | M] (Memeo)
seagatedashboardservice.exe -> C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -> [2010-04-30 16:47:00 | 000,014,088 | ---- | M] (Memeo)
starwindserviceae.exe -> C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -> [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software)
nusb3mon.exe -> C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe -> [2009-11-20 19:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation)
nod32krn.exe -> C:\Program Files\ESET\nod32krn.exe -> [2008-09-16 21:21:40 | 000,552,064 | ---- | M] (Eset )
linksysupdater.exe -> C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -> [2008-06-26 14:52:42 | 000,204,800 | ---- | M] ()
unlockerassistant.exe -> C:\Program Files\Unlocker\UnlockerAssistant.exe -> [2008-05-02 06:15:46 | 000,015,872 | ---- | M] ()
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation)
hpzipm12.exe -> C:\WINDOWS\system32\HPZipm12.exe -> [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP)
ctdevsrv.exe -> C:\Program Files\Creative\Shared Files\CTDevSrv.exe -> [2007-04-02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd)
toddsrv.exe -> C:\WINDOWS\system32\TODDSrv.exe -> [2006-05-25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation)
hotkey.exe -> C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe -> [2006-05-25 15:28:12 | 001,773,568 | ---- | M] (TOSHIBA Inc.)
ddwmon.exe -> C:\Program Files\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe -> [2006-04-28 11:49:02 | 000,262,144 | ---- | M] (TOSHIBA Corporation)
nomadsvr.exe -> C:\Program Files\BVRP Connection Manager\NomadSvr.exe -> [2005-12-15 11:58:52 | 000,065,536 | ---- | M] ()
ndstray.exe -> C:\Program Files\Toshiba\ConfigFree\NDSTray.exe -> [2005-11-02 16:41:04 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION)
acs.exe -> C:\WINDOWS\system32\acs.exe -> [2005-09-26 11:22:28 | 000,036,864 | ---- | M] ()
tpsbattm.exe -> C:\WINDOWS\system32\TPSBattM.exe -> [2005-08-04 14:15:48 | 000,040,960 | ---- | M] (TOSHIBA Corporation)
hpztsb09.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe -> [2005-07-23 04:40:43 | 000,176,128 | ---- | M] (HP)
smoothview.exe -> C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe -> [2005-05-13 11:03:16 | 000,118,784 | ---- | M] (TOSHIBA Corporation)
toscdspd.exe -> C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe -> [2005-04-12 12:04:18 | 000,065,536 | ---- | M] (TOSHIBA)
cfsvcs.exe -> C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -> [2005-01-17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION)
hptskmgr.exe -> C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe -> [2004-05-12 16:18:54 | 000,135,168 | ---- | M] (Hewlett-Packard Company)

[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Charles\Pulpit\OTS.exe -> [2011-05-04 19:26:50 | 000,645,632 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation)
unlockerhook.dll -> C:\Program Files\Unlocker\UnlockerHook.dll -> [2008-05-02 06:15:35 | 000,004,608 | ---- | M] ()

[Win32 Services - Safe List]
(HidServ) Dostęp do urządzeń interfejsu HID [Disabled | Stopped] -> -> File not found
(AppMgmt) Zarządzanie aplikacjami [On_Demand | Stopped] -> -> File not found
(Application Policy Service) Application Policy Service [Auto | Running] -> C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Application Policy Service\svchost.exe -> [2011-05-01 15:19:12 | 001,505,280 | ---- | M] ()
(nosGetPlusHelper) getPlus(R) Helper 3004 [On_Demand | Stopped] -> C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -> [2010-11-29 11:41:26 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.)
(MemeoBackgroundService) MemeoBackgroundService [Auto | Running] -> C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -> [2010-07-28 19:21:16 | 000,025,824 | ---- | M] (Memeo)
(SeagateDashboardService) Seagate Dashboard Service [Auto | Running] -> C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -> [2010-04-30 16:47:00 | 000,014,088 | ---- | M] (Memeo)
(ServiceLayer) ServiceLayer [On_Demand | Stopped] -> C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -> [2010-01-26 12:41:08 | 000,652,800 | ---- | M] (Nokia)
(StarWindServiceAE) StarWind AE Service [Auto | Running] -> C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -> [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software)
(getPlusHelper) getPlus(R) Helper [On_Demand | Stopped] -> C:\Program Files\NOS\bin\getPlus_Helper.dll -> [2009-09-23 17:36:06 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.)
(SolidWorks Licensing Service) SolidWorks Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -> [2009-07-31 15:49:44 | 000,079,360 | ---- | M] (SolidWorks)
(NOD32krn) NOD32 Kernel Service [Auto | Running] -> C:\Program Files\Eset\nod32krn.exe -> [2008-09-16 21:21:40 | 000,552,064 | ---- | M] (Eset )
(LinksysUpdater) Linksys Updater [Auto | Running] -> C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -> [2008-06-26 14:52:42 | 000,204,800 | ---- | M] ()
(CTUPnPSv) Creative Centrale Media Server [On_Demand | Stopped] -> C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -> [2008-05-21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd)
(nmservice) Pure Networks Platform Service [Auto | Stopped] -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -> [2008-05-16 07:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.)
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [On_Demand | Stopped] -> C:\Program Files\WinPcap\rpcapd.exe -> [2007-11-06 22:22:26 | 000,092,792 | ---- | M] (CACE Technologies)
(Pml Driver HPZ12) Pml Driver HPZ12 [Auto | Running] -> C:\WINDOWS\system32\HPZipm12.exe -> [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP)
(CTDevice_Srv) CT Device Query service [Auto | Running] -> C:\Program Files\Creative\Shared Files\CTDevSrv.exe -> [2007-04-02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd)
(TODDSrv) TOSHIBA Optical Disc Drive Service [Auto | Running] -> C:\WINDOWS\system32\TODDSrv.exe -> [2006-05-25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation)
(Nomad) Connection Manager [Auto | Running] -> C:\Program Files\BVRP Connection Manager\NomadSvr.exe -> [2005-12-15 11:58:52 | 000,065,536 | ---- | M] ()
(ACS) Usługa konfiguracji Atheros [Auto | Running] -> C:\WINDOWS\system32\acs.exe -> [2005-09-26 11:22:28 | 000,036,864 | ---- | M] ()
(CFSvcs) ConfigFree Service [Auto | Running] -> C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -> [2005-01-17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION)

[Driver Services - Safe List]
(sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2011-03-02 10:59:56 | 000,436,792 | ---- | M] ()
(nmwcd) Nokia USB Phone Parent [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ccdcmb.sys -> [2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia)
(UsbserFilt) UsbserFilt [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -> [2009-12-30 11:30:56 | 000,007,936 | ---- | M] (Nokia)
(nmwcdc) Nokia USB Generic [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ccdcmbo.sys -> [2009-12-30 11:30:48 | 000,022,016 | ---- | M] (Nokia)
(upperdev) upperdev [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -> [2009-12-30 11:30:48 | 000,007,936 | ---- | M] (Nokia)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\pfc.sys -> [2008-10-18 10:49:53 | 000,009,856 | ---- | M] (Padus, Inc.)
(AMON) AMON [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\amon.sys -> [2008-09-16 21:21:41 | 000,512,096 | ---- | M] (Eset )
(nod32drv) nod32drv [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\nod32drv.sys -> [2008-09-16 21:21:40 | 000,015,424 | ---- | M] ()
(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\pccsmcfd.sys -> [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia)
(pnarp) Pure Networks Device Discovery Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\pnarp.sys -> [2008-05-16 07:10:32 | 000,023,992 | ---- | M] (Pure Networks, Inc.)
(purendis) Pure Networks Wireless Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\purendis.sys -> [2008-05-16 07:10:30 | 000,025,272 | ---- | M] (Pure Networks, Inc.)
(nm) Sterownik monitora sieci [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nmnt.sys -> [2008-04-13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation)
(PCAMPR5) PCAMPR5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\pcampr5.sys -> [2008-01-21 08:56:38 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA))
(PCANDIS5) PCANDIS5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\pcandis5.sys -> [2008-01-21 08:56:38 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA))
(NPF) NetGroup Packet Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\npf.sys -> [2007-11-06 22:22:06 | 000,034,064 | ---- | M] (CACE Technologies)
(hwdatacard) Huawei DataCard USB Modem and USB Serial [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ewusbmdm.sys -> [2007-08-08 13:12:42 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.)
(V0260VID) Live! Cam Vista IM [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\V0260Vid.sys -> [2006-11-04 00:45:48 | 000,178,913 | R--- | M] (Creative Technology Ltd.)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.Sys -> [2006-05-16 17:32:58 | 004,275,712 | ---- | M] (Realtek Semiconductor Corp.)
(tdudf) TOSHIBA UDF File System Driver [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\tdudf.sys -> [2006-04-18 15:12:00 | 000,098,816 | ---- | M] (TOSHIBA Corporation)
(AR5211) Atheros Wireless Network Adapter Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ar5211.sys -> [2006-04-01 17:46:28 | 000,471,264 | ---- | M] (Atheros Communications, Inc.)
(AgereSoftModem) TOSHIBA V92 Software Modem [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\AGRSM.sys -> [2006-03-18 07:36:42 | 001,155,584 | R--- | M] (Agere Systems)
(tdcmdpst) TOSHIBA Writing Engine Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\tdcmdpst.sys -> [2006-03-02 19:49:50 | 000,015,360 | ---- | M] (TOSHIBA Corporation.)
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtnicxp.sys -> [2006-01-18 18:41:58 | 000,080,512 | ---- | M] (Realtek Semiconductor Corporation )
(qkbfiltr) Quanta HotKey Keyboard Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\qkbfiltr.sys -> [2006-01-12 16:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.)
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2005-12-11 22:40:42 | 001,414,656 | ---- | M] (ATI Technologies Inc.)
(HPFXBULK) HPFXBULK [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\hpfxbulk.sys -> [2005-09-20 18:22:37 | 000,009,344 | R--- | M] (Hewlett Packard)
(BoiHwsetup) Access 32bits INT15 routine [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BoiHwSetup.sys -> [2005-06-10 21:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp)
(qmofiltr) Quanta HotKey Mouse Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\qmofiltr.sys -> [2005-05-05 14:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.)
(rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\RTL8139.sys -> [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation)
(BVRPNDIS) BVRPNDIS Protocol Driver U/I [Kernel | Auto | Running] -> C:\Program Files\BVRP Connection Manager\BVRPNDIS.sys -> [2004-06-02 16:56:56 | 000,035,328 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA))
(ASAPIW2K) ASAPIW2K [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\asapiW2k.sys -> [2003-11-28 18:34:40 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH)
(Netdevio) TOSHIBA Network Device Usermode I/O Protocol [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\Netdevio.sys -> [2003-01-29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.)
(Nsynas32) Nsynas32 [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\drivers\NSynas32.sys -> [2001-04-09 04:03:56 | 000,017,784 | ---- | M] (Syncrosoft Hard- und Software GmbH)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Default_Search_URL" -> http://www.google.com/ie ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.google.com ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.google.fr/ ->
HKEY_CURRENT_USER\: Main\\"Start Page Restore" -> http://www.google.fr/ ->
HKEY_CURRENT_USER\: Search\\"Default_Search_URL" -> http://www.google.com/ie ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search?q=%s ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 1 ->
HKEY_CURRENT_USER\: "ProxyServer" -> http=127.0.0.1:51939 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\extensions -> ->
HKLM\software\mozilla\Firefox\extensions\\support@predictad.com -> C:\PROGRAM FILES\AUTOCOMPLETEPRO\SUPPORT@PREDICTAD.COM ->
HKLM\software\mozilla\Thunderbird\Extensions -> ->
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\Charles\Dane aplikacji\Mozilla\Extensions -> [2009-03-30 18:03:26 | 000,000,000 | ---D | M]
-> C:\Documents and Settings\Charles\Dane aplikacji\Mozilla\Extensions\mozswing@mozswing.org -> [2009-03-30 18:03:26 | 000,000,000 | ---D | M]
< HOSTS File > ([2010-10-14 21:23:39 | 000,422,453 | R--- | M] - 14611 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
First 25 entries...
Reset Hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
127.0.0.1 123topsearch.com
127.0.0.1 www.132.com
127.0.0.1 132.com
127.0.0.1 www.136136.net
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2010-09-22 18:04:20 | 000,061,888 | ---- | M] (Adobe Systems Incorporated)
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009-01-26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
{C56CB6B0-0D96-11D6-8C65-B2868B609932} [HKLM] -> C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [NTIECatcher Class] -> [2003-12-15 19:58:50 | 000,049,152 | ---- | M] (Xi)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{C4069E3A-68F1-403E-B40E-20066696354B}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Alcmtr" -> C:\WINDOWS\Alcmtr.exe [ALCMTR.EXE] -> [2005-05-03 18:43:28 | 000,069,632 | ---- | M] (Realtek Semiconductor Corp.)
"DDWMon" -> C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe [C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe] -> [2006-04-28 11:49:02 | 000,262,144 | ---- | M] ()
"DivXUpdate" -> C:\Program Files\DivX\DivX Update\DivXUpdate.exe ["C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW] -> [2011-03-21 23:10:00 | 001,230,704 | ---- | M] ()
"HPDJ Taskbar Utility" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe] -> [2005-07-23 04:40:43 | 000,176,128 | ---- | M] (HP)
"Memeo AutoSync" -> C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe [C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent] -> [2010-04-16 23:43:12 | 000,144,608 | ---- | M] (Memeo Inc.)
"Memeo Send" -> C:\Program Files\Memeo\Memeo Send\MemeoLauncher.exe [C:\Program Files\Memeo\Memeo Send\MemeoLauncher.exe --silent] -> [2010-07-20 20:18:14 | 000,236,816 | ---- | M] ()
"NDSTray.exe" -> [NDSTray.exe] -> File not found
"nod32kui" -> C:\Program Files\Eset\nod32kui.exe ["C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE] -> [2008-09-16 21:21:40 | 000,949,376 | ---- | M] (Eset )
"NUSB3MON" -> C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe ["C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"] -> [2009-11-20 19:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation)
"Seagate Dashboard" -> C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe [C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui] -> [2010-04-30 16:47:02 | 000,079,112 | ---- | M] ()
"SmoothView" -> C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe [C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe] -> [2005-05-13 11:03:16 | 000,118,784 | ---- | M] (TOSHIBA Corporation)
"Toshiba Hotkey Utility" -> C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe ["C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang PL] -> [2006-05-25 15:28:12 | 001,773,568 | ---- | M] (TOSHIBA Inc.)
"TPSMain" -> C:\WINDOWS\System32\TPSMain.exe [TPSMain.exe] -> [2005-08-04 14:16:02 | 000,266,240 | ---- | M] (TOSHIBA Corporation)
"UnlockerAssistant" -> C:\Program Files\Unlocker\UnlockerAssistant.exe ["C:\Program Files\Unlocker\UnlockerAssistant.exe" -H] -> [2008-05-02 06:15:46 | 000,015,872 | ---- | M] ()
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Rainlendar2" -> C:\Program Files\Rainlendar2\Rainlendar2.exe [C:\Program Files\Rainlendar2\Rainlendar2.exe] -> [2010-07-11 11:42:46 | 002,199,040 | ---- | M] ()
"TOSCDSPD" -> C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe] -> [2005-04-12 12:04:18 | 000,065,536 | ---- | M] (TOSHIBA)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Start\Programy\Autostart ->
< Charles Startup Folder > -> C:\Documents and Settings\Charles\Menu Start\Programy\Autostart ->
C:\Documents and Settings\Charles\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe -> [2010-12-13 12:12:08 | 001,198,592 | ---- | M] ()
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"NoCDBurning" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
\\"NoBandCustomize" -> [0] -> File not found
\\"NoMovingBands" -> [0] -> File not found
\\"NoCloseDragDropBands" -> [0] -> File not found
\\"NoSetTaskbar" -> [0] -> File not found
\\"NoToolbarsOnTaskbar" -> [0] -> File not found
\\"NoSaveSettings" -> [0] -> File not found
\\"NoActiveDesktop" -> [0] -> File not found
\\"ClassicShell" -> [0] -> File not found
\\"LockTaskbar" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"" -> [ ] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Télécharger avec NetTransport -> C:\Program Files\Xi\NetTransport 2\NTAddLink.html [C:\Program Files\Xi\NetTransport 2\NTAddLink.html] -> [2002-01-20 14:15:10 | 000,001,628 | ---- | M] ()
Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2011-03-26 01:48:06 | 004,284,416 | ---- | M] (Google Inc.)
Funkcja Google Sidewiki -> [res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html] -> File not found
Tout t&élécharger avec NetTransport -> C:\Program Files\Xi\NetTransport 2\NTAddList.html [C:\Program Files\Xi\NetTransport 2\NTAddList.html] -> [2004-05-04 21:46:06 | 000,000,754 | ---- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009-01-26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2009-01-26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7476 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7476 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab [QuickTime Object] ->
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243766058250 [MUWebControl Class] ->
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos-beta/OnlineScanner.cab [OnlineScanner Control] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Reg Error: Key error.] ->
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [HKLM] -> http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab [Reg Error: Key error.] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 194.204.159.1 194.204.152.34 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{0F2DFDA1-8272-4760-96B4-876136719B4C}\\DhcpNameServer -> 194.204.159.1 194.204.152.34 (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{0F2DFDA1-8272-4760-96B4-876136719B4C}\\NameServer -> 208.67.222.222 (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{BA7922FC-E40C-4325-87AC-BD7140B0085C}\\DhcpNameServer -> 194.204.159.1 194.204.152.34 (Atheros AR5005G Wireless Network Adapter) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> C:\WINDOWS\System32\ati2evxx.dll -> [2005-12-11 22:34:56 | 000,047,104 | ---- | M] (ATI Technologies Inc.)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHoo ks ->
"{56F9679E-7826-4C84-81F3-532071A8BCC5}" [HKLM] -> C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [] -> [2009-05-24 22:41:34 | 000,304,128 | ---- | M] (Microsoft Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\StandardProfile\AuthorizedApplications\List ->
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe" -> [C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter] -> File not found
"C:\Program Files\eMule\emule.exe" -> C:\Program Files\eMule\emule.exe [C:\Program Files\eMule\emule.exe:*:Enabled:eMule] -> [2010-04-07 15:00:04 | 005,758,976 | ---- | M] (http://www.emule-project.net)
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" -> [C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2] -> File not found
"C:\Program Files\Opera\opera.exe" -> C:\Program Files\Opera\opera.exe [C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser] -> [2011-03-03 17:44:35 | 000,943,472 | ---- | M] (Opera Software)
"C:\Program Files\Toshiba\ConfigFree\CFXFER.exe" -> C:\Program Files\Toshiba\ConfigFree\CFXFER.exe [C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine] -> [2005-07-21 18:38:24 | 000,901,120 | ---- | M] (TOSHIBA CORPORATION)
"C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Application Policy Service\svchost.exe" -> C:\WINDOWS\System32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Application Policy Service\svchost.exe [C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Application Policy Service\svchost.exe:*:Enabled:Application Policy Service] -> [2011-05-01 15:19:12 | 001,505,280 | ---- | M] ()
"D:\WAG54GS.exe" -> [D:\WAG54GS.exe:*:Enabled:WAG54GS] -> File not found
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Sterownik stacji dysków CD-ROM ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2006-05-31 14:14:58 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{a6dd0c3a-65ad-11df-931a-0016365d4ca3}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6dd0c3a-65ad-11df-931a-0016365d4ca3}\Shell
\{a6dd0c3a-65ad-11df-931a-0016365d4ca3}\Shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6dd0c3a-65ad-11df-931a-0016365d4ca3}\Shell\AutoRun\command
\{a6dd0c3a-65ad-11df-931a-0016365d4ca3}\Shell\AutoRun\command\\"" -> [E:\Install.exe] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Registry - Additional Scans - Safe List]
< Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ ->
C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^TransText.lnk -> C:\Program Files\ChaosSoft\TransText\TransText.exe -> [2000-03-13 23:21:20 | 000,032,768 | ---- | M] ()
C:^Documents and Settings^Charles^Menu Start^Programy^Autostart^Memokeys.lnk -> C:\Program Files\MEMOKEYS\memokeys.exe -> [2009-02-12 15:33:57 | 000,974,848 | ---- | M] (INTERLOGIC CONCEPT)
C:^Documents and Settings^Charles^Menu Start^Programy^Autostart^Notification de cadeaux MSN.lnk -> Reg Error: Value error. -> File not found
< Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ ->
ACU hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Atheros\ACU.exe -> [2005-12-08 17:49:06 | 000,323,584 | ---- | M] (Atheros Communications, Inc.)
Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe -> [2011-01-31 10:44:43 | 000,035,760 | ---- | M] (Adobe Systems Incorporated)
AlcoholAutomount hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -> [2010-08-20 13:03:08 | 000,033,120 | ---- | M] (Alcohol Soft Development Team)
ATIPTA hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe -> [2005-12-11 21:05:00 | 000,344,064 | ---- | M] (ATI Technologies, Inc.)
CFSServ.exe hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
Connection Manager hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\BVRP Connection Manager\Nomad.exe -> [2006-02-16 15:01:54 | 000,086,016 | ---- | M] (BVRP Software)
Creative WebCam Tray hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Creative\Shared Files\CamTray.exe -> [2005-10-27 12:00:22 | 000,299,008 | ---- | M] (Creative Technology Ltd)
DivXUpdate hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\DivX\DivX Update\DivXUpdate.exe -> [2011-03-21 23:10:00 | 001,230,704 | ---- | M] ()
HP Software Update hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe -> [2003-06-25 11:24:48 | 000,049,152 | ---- | M] (Hewlett-Packard)
IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
Memeo Backup hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe -> [2010-07-28 19:21:20 | 000,136,416 | ---- | M] (Memeo Inc.)
Memeo Instant Backup hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe -> [2010-07-28 19:21:20 | 000,136,416 | ---- | M] (Memeo Inc.)
MSMSGS hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Messenger\msmsgs.exe -> [2008-04-14 19:21:30 | 001,695,232 | ---- | M] (Microsoft Corporation)
NBKeyScan hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Reg Error: Value error. -> File not found
NeroFilterCheck hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
NokiaMServer hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
NokiaOviSuite2 hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Reg Error: Value error. -> File not found
PadTouch hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Toshiba\Touch and Launch\PadExe.exe -> [2005-12-22 15:34:22 | 001,077,329 | ---- | M] (TOSHIBA)
QuickTime Task hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\QuickTime\qttask.exe -> [2010-11-29 18:38:18 | 000,421,888 | ---- | M] (Apple Inc.)
SoftAuto.exe hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Creative\Software Update 3\SoftAuto.exe -> [2008-08-13 05:49:30 | 000,405,504 | ---- | M] (Creative Technology Ltd)
SpybotSD TeaTimer hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -> [2009-03-05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.)
UpdateReminder hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\ESET\UpdateReminder.exe -> [2010-11-03 18:57:43 | 000,413,696 | ---- | M] (ESET, spol. s r.o.)
WinampAgent hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Winamp\Winampa.exe -> [2011-03-22 20:37:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.)
< Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state ->
"bootini" -> 0 ->
"services" -> 0 ->
"startup" -> 2 ->
"system.ini" -> 0 ->
"win.ini" -> 0 ->
< Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
"msacm.divxa32" -> C:\WINDOWS\System32\DivXa32.acm [DivXa32.acm] -> [2000-06-09 22:54:28 | 000,291,408 | R--- | M] (Hacked With Joy !)
"msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2008-04-14 19:21:53 | 000,199,680 | ---- | M] (Intel Corporation)
"msacm.l3acm" -> C:\WINDOWS\System32\l3codeca.acm [L3codeca.acm] -> [2010-01-29 16:45:20 | 000,307,260 | R--- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.l3codec" -> C:\WINDOWS\System32\l3codecp.acm [l3codecp.acm] -> [2006-10-18 21:05:16 | 000,232,448 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008-04-14 19:17:57 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.)
"msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2004-08-04 12:00:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.)
"msacm.vorbis" -> C:\WINDOWS\System32\vorbis.acm [vorbis.acm] -> [2009-09-15 11:14:18 | 001,554,944 | ---- | M] (HMS http://hp.vector.co.jp/authors/VA012897/)
"MSVideo8" -> C:\WINDOWS\System32\vfwwdm32.dll [VfWWDM32.dll] -> [2008-04-14 19:20:58 | 000,054,784 | ---- | M] (Microsoft Corporation)
"vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2010-06-17 16:03:45 | 000,080,384 | ---- | M] (Radius Inc.)
"vidc.DIV3" -> C:\WINDOWS\System32\DivXc32.dll [DivXc32.dll] -> [2000-06-09 22:54:28 | 000,414,272 | R--- | M] (Hacked with Joy !)
"vidc.DIV4" -> C:\WINDOWS\System32\DivXc32f.dll [DivXc32f.dll] -> [2000-06-09 22:54:28 | 000,414,272 | R--- | M] (Hacked with Joy !)
"vidc.DIVX" -> C:\WINDOWS\System32\DivX.dll [DivX.dll] -> [2010-02-19 21:27:36 | 000,720,384 | ---- | M] (DivX, Inc.)
"VIDC.I420" -> C:\WINDOWS\System32\i420vfw.dll [i420vfw.dll] -> [2004-01-25 00:00:00 | 000,070,656 | ---- | M] (www.helixcommunity.org)
"vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004-08-04 12:00:00 | 000,199,168 | ---- | M] ()
"vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004-08-04 12:00:00 | 000,199,168 | ---- | M] ()
"vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008-04-14 19:21:53 | 000,848,384 | ---- | M] (Intel Corporation)
"vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2008-04-14 19:20:33 | 000,755,200 | ---- | M] (Intel Corporation)
"vidc.mp42" -> C:\WINDOWS\System32\Mpg4c32.dll [mpg4c32.dll] -> [2000-06-09 22:54:28 | 000,413,760 | R--- | M] (Microcrap Corporation)
"vidc.mp43" -> C:\WINDOWS\System32\Mpg4c32.dll [mpg4c32.dll] -> [2000-06-09 22:54:28 | 000,413,760 | R--- | M] (Microcrap Corporation)
"vidc.mpg4" -> C:\WINDOWS\System32\Mpg4c32.dll [mpg4c32.dll] -> [2000-06-09 22:54:28 | 000,413,760 | R--- | M] (Microcrap Corporation)
"vidc.yv12" -> C:\WINDOWS\System32\yv12vfw.dll [yv12vfw.dll] -> [2004-01-25 00:00:00 | 000,070,656 | ---- | M] (www.helixcommunity.org)
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.cpl [@ = cplfile] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* ->
.exe [@ = exefile] -> "%1" %* ->
.html [@ = ChromeHTML] -> Reg Error: Key error. -> File not found
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< File Associations - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>\ ->
.html [@ = htmlfile] -> Reg Error: Key error. -> File not found
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 -> -> File not found
AppMgmt -> -> File not found
HidServ -> -> File not found
Ias -> -> File not found
Iprip -> -> File not found
Irmon -> -> File not found
NWCWorkstation -> -> File not found
Nwsapagent -> -> File not found
WmdmPmSp -> -> File not found
*MultiFile Done* -> ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
cetihpz:{CF184AD3-CDCB-4168-A3F7-8E447D129300} [HKLM] -> C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll[CZipHandler Object] -> [2004-05-12 16:18:56 | 000,081,920 | ---- | M] (Hewlett-Packard Company)
pure-go:{4746C79A-2042-4332-8650-48966E44ABA8} [HKLM] -> C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll[CPureGoProtoInfo Object] -> [2008-08-03 15:50:56 | 000,144,696 | ---- | M] (Pure Networks, Inc.)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\Program Files\Common Files\Skype\Skype4COM.dll[IEProtocolHandler Class] -> [2010-05-13 17:57:22 | 002,135,336 | R--- | M] (Skype Technologies)
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
AppMgmt -> -> File not found
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sermouse.sys -> Driver
System Bus Extender -> Driver Group
vds -> Service
vga.sys -> Driver
< SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
AppMgmt -> -> File not found
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
NDIS Wrapper -> Driver Group
NetBIOSGroup -> Driver Group
NetDDEGroup -> Driver Group
Network -> Driver Group
NetworkProvider -> Driver Group
nm -> C:\WINDOWS\system32\drivers\nmnt.sys -> [2008-04-13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation)
nm.sys -> C:\WINDOWS\system32\drivers\nmnt.sys -> [2008-04-13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation)
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sermouse.sys -> Driver
Streams Drivers -> Driver Group
System Bus Extender -> Driver Group
TDI -> Driver Group
vga.sys -> Driver
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"FirstRunDisabled" -> [1] -> File not found
\\"AntiVirusDisableNotify" -> [0] -> File not found
\\"FirewallDisableNotify" -> [0] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
\\"AntiVirusOverride" -> [0] -> File not found
\\"FirewallOverride" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
< System Restore User Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore ->
"DisableSR" -> 0 ->
< System Restore File Filter Service > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr ->
"Start" -> 0 ->
< System Restore Service > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService ->
"Start" -> 2 ->
< Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\DomainProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\DomainProfile\AuthorizedApplications\ -> ->
< Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\StandardProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\StandardProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DoNotAllowExceptions" -> [0] -> File not found
\\"DisableNotifications" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\StandardProfile\GloballyOpenPorts\ -> ->
< Windows StandardProfile GloballyOpenPorts Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\StandardProfile\GloballyOpenPorts\List ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewall Policy\StandardProfile\GloballyOpenPorts\List
\\"1900:UDP" -> [1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007] -> File not found
\\"2869:TCP" -> [2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008] -> File not found
\\"139:TCP" -> [139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004] -> File not found
\\"445:TCP" -> [445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005] -> File not found
\\"137:UDP" -> [137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001] -> File not found
\\"138:UDP" -> [138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002] -> File not found
\\"4662:TCP" -> [4662:TCP:*:Enabled:eMULE] -> File not found
\\"4662:UDP" -> [4662:UDP:*:Enabled:eMule] -> File not found
\\"5985:TCP" -> [5985:TCP:*:Disabled:Zdalne zarządzanie systemem Windows ] -> File not found
\\"80:TCP" -> [80:TCP:*:Disabled:Zdalne zarządzanie systemem Windows — tryb zgodności (ruch przychodzący HTTP) ] -> File not found
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2010-04-08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.)
Protocol_Catalog9\Catalog_Entries\000000000001 -> C:\WINDOWS\System32\imon.dll -> [2008-09-16 21:21:42 | 000,298,104 | ---- | M] (Eset )
Protocol_Catalog9\Catalog_Entries\000000000002 -> C:\WINDOWS\System32\imon.dll -> [2008-09-16 21:21:42 | 000,298,104 | ---- | M] (Eset )
Protocol_Catalog9\Catalog_Entries\000000000003 -> C:\WINDOWS\System32\imon.dll -> [2008-09-16 21:21:42 | 000,298,104 | ---- | M] (Eset )
Protocol_Catalog9\Catalog_Entries\000000000004 -> C:\WINDOWS\System32\imon.dll -> [2008-09-16 21:21:42 | 000,298,104 | ---- | M] (Eset )
Protocol_Catalog9\Catalog_Entries\000000000005 -> C:\WINDOWS\System32\imon.dll -> [2008-09-16 21:21:42 | 000,298,104 | ---- | M] (Eset )
Protocol_Catalog9\Catalog_Entries\000000000011 -> C:\WINDOWS\System32\imon.dll -> [2008-09-16 21:21:42 | 000,298,104 | ---- | M] (Eset )
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} -> PDFCreator
{01ADCC5D-45B4-45E4-AC5C-C06E044B16DF} -> hppIOFiles
{0456ebd7-5f67-4ab6-852e-63781e3f389c} -> Macromedia Flash Player
{05832D65-6EDB-4D32-BA78-BCD0E2B91C02} -> Atheros Wireless LAN MiniPCI/PCIe card Driver
{0815D55A-5EFF-4E1B-8C04-7035E914D90D} -> OLYMPUS Master 2
{099D12EC-0321-4CAC-A0CC-33D020156FCD} -> Toshiba Utility
{0BEDBD4E-2D34-47B5-9973-57E62B29307C} -> Panel sterowania ATI
{0EF45FEA-E3C1-4660-854A-810C1BA169E2} -> hppLJ3390
{12B3A009-A080-4619-9A2A-C6DB151D8D67} -> TOSHIBA Assist
{14291118-0C19-45EA-A4FA-5C1C0F5FDE09} -> Primo
{173D5E9E-8ABC-4EB2-B371-18AF8812A91D} -> hppFaxUtility
{19DC9559-9C20-4A46-A67D-7ECBA52A2788} -> Nokia PC Suite
{1BC77CEF-C52F-4092-BF87-0D4E6B86D860} -> Memeo Share
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{1FB1424F-2E8C-4A93-8BB1-D6A20805F633} -> Toshiba Hotkey Utility
{1FF7993C-23B1-4C91-B1F6-09D13C57A06A}_is1 -> VirtualDub 1.9.6 Fr
{212748BB-0DA5-46DE-82A1-403736DC9F27} -> MSVC80_x86
{26A24AE4-039D-4CA4-87B4-2F83216018FF} -> Java(TM) 6 Update 24
{284BD984-6E5C-4586-80A8-14D85E233497} -> Linksys EasyLink Advisor
{2AFF2951-86B1-3C53-B34D-B440F11E7D0A} -> Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK
{2E0DFC24-7C4B-4DCF-BCC7-81C513BED3BC} -> Python 2.5.4
{3248F0A8-6813-11D6-A77B-00B0D0150060} -> J2SE Runtime Environment 5.0 Update 6
{350C9415-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{3921A67A-5AB1-4E48-9444-C71814CF3027} -> VCRedistSetup
{3EB6332B-AF02-457C-A31C-835458C5B48B} -> Podreczniki TOSHIBA
{3F115F1A-A387-4B28-8552-DBCAA1C2EC28} -> hppToolBoxFX
{400830CA-F056-4BBE-80A3-9DF9CA4FB889} -> TOSHIBA Direct Disc Writer
{4442AB48-DEC4-4B39-B067-1F75BF8017E7} -> Creative Centrale
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{4BF0E11A-4580-41BE-899F-60B5DC1DB2EA} -> Cogniview PDF2XL Enterprise Evaluation
{4D82392D-AF90-4159-9A14-887BBC835191} -> hpp3390usg
{529DDE6B-4F31-438B-B218-F36266ABD8C0} -> TOSHIBA Disc Creator
{56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml
{57752979-A1C9-4C02-856B-FBB27AC4E02C} -> QuickTime
{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9} -> Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK
{5D96E2B1-D9AC-46E0-9073-425C5F63E338} -> Touch and Launch
{5EE7D259-D137-4438-9A5F-42F432EC0421} -> VC80CRTRedist - 8.0.50727.4053
{606E5C0D-6039-42A7-988E-9D51DE773AFF} -> hppFonts
{64212898-097F-4F3F-AECA-6D34A7EF82DF} -> Program narzędziowy TOSHIBA Zooming Utility
{64CB2553-C109-4132-AA51-1F421B515FD1} -> Microsoft .NET Framework 1.1 Polish Language Pack
{663D8AAF-CB71-4056-8C60-1D85BC576C6E} -> hppTooCool
{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} -> MSVC80_x86_v2
{6DEA87DF-B074-417B-85A0-79F5EDE671A4} -> hpzTLBXFX
{6F00BBC0-2CE9-11DF-6784-016089EE18BE} -> progeCAD 2010 Professional
{716E0306-8318-4364-8B8F-0CC4E9376BAC} -> MSXML 4.0 SP2 Parser and SDK
{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE} -> Atheros Client Utility
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{7397EDED-F38A-4654-B669-BF61065803D0} -> PC Connectivity Solution
{75B7F766-7998-44d8-A202-F1EC76A121BA} -> Memeo AutoSync
{766273C1-A39B-47EB-ACE8-DEBDD8094BCC} -> overland
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{77DCDCE3-2DED-62F3-8154-05E745472D07} -> Acrobat.com
{7C2B745A-E7F1-41F1-B9BB-3DDB8D52E4CE} -> Readiris Pro 11
{7E0610A2-E336-40B3-B685-C4905E97EC9A} -> OpenOffice.org 3.3
{81784157-3D4D-4bc1-B988-B24C32A26DA8} -> Memeo Send
{82B2DB92-98CA-4a0e-B1BD-18B6E2D320CB} -> Memeo Backup
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
{86604C06-DA30-425E-AECE-47304FE81C45} -> Creative Software Update
{86CE85E6-DBAC-3FFD-B977-E4B79F83C909} -> Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
{8777AC6D-89F9-4793-8266-DE406F343E89} -> QFolder
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8A253629-0511-4854-8B4E-46E57E66005C} -> Bonjour
{8A7E941F-2BB4-47D0-B732-8AE5F3513B68} -> ASAPI
{8E666407-AC41-46a2-9692-6C7BFCBFDD37} -> Memeo Instant Backup
{90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system
{90F50409-6000-11D3-8CFE-0150048383C9} -> Visual Basic for Applications (R) Core
{90F60409-6000-11D3-8CFE-0150048383C9} -> Visual Basic for Applications (R) Core - English
{91120415-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Standard Edition 2003
{91810AFC-A4F8-4EBA-A5AA-B198BBC81144} -> InterVideo WinDVD for TOSHIBA
{91A5B6C0-EF4E-4830-AC7D-6761C0A9B292} -> hp deskjet 3600
{9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
{9EFDFBA8-9174-3C61-8645-28376C5CA994} -> Microsoft .NET Framework 3.5 Language Pack SP1 - plk
{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D} -> Wyciszacz napędu CD/DVD
{A0B42136-C813-4FB4-84A1-C41E6F12410B} -> hppSendFax
{a0fe116e-9a8a-466f-aee0-625cb7c207e3} -> Microsoft Visual C++ 2005 Redistributable - KB2467175
{A2D88DF3-EF39-456E-A393-BF48037D985A} -> BVRP Connection Manager Pro
{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2
{A43BF6A5-D5F0-4AAA-BF41-65995063EC44} -> MSXML 6.0 Parser
{A5A93185-26A8-4F02-B021-D6E6A4396441} -> hppManuals3390
{AB67580-257C-45FF-B8F4-C8C30682091A}_is1 -> SIW version 2008-12-16
{AC76BA86-7AD7-1033-7B44-A94000000001} -> Adobe Reader 9.4.4
{AF111648-99A1-453E-81DD-80DBBF6DAD0D} -> MSVC90_x86
{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy
{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0} -> Nokia Connectivity Cable Driver
{BAF78226-3200-4DB4-BE33-4D922A799840} -> Windows Presentation Foundation
{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B} -> MarketResearch
{BDD83DC9-BEE9-4654-A5DA-CC46C250088D} -> TOSHIBA ConfigFree
{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2
{C3A11907-930D-41AC-A135-CC3B12F92011} -> Seagate Dashboard
{C41300B9-185D-475E-BFEC-39EF732F19B1} -> Apple Software Update
{C9507D0D-1A9C-486E-91D6-33A71CCA55F2} -> Pure Networks Platform
{CAE7D1D9-3794-4169-B4DD-964ADBC534EE} -> HP Product Detection
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{CBD9804D-053B-454F-87C5-2FD9894BD2C5} -> eDrawings for Pro/ENGINEER
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} -> getPlus(R) for Adobe
{D103C4BA-F905-437A-8049-DB24763BBE36} -> Skype™ 4.2
{D5E31EEE-CD8A-4E01-87F1-119C4A3201FD} -> hppscan3390
{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1 -> VirtualDub Plugin Pack 1.0.0.6 Fr
{D7BF9739-8A68-4335-BBEE-37752AD9E86B} -> NEC Electronics USB 3.0 Host Controller Driver
{D9992086-5687-4413-A631-00AFA0BEBE6A} -> FRANCE PROSPECT Email 400
{DABF43D9-1104-4764-927B-5BED1274A3B0} -> Runtime
{DB7F1657-6164-40AE-8A94-8F785C0C3E3F} -> hppFaxDrv3390
{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1 -> NOD32 FiX v2.1
{E69B85BC-8121-4D5C-8CA4-D688895671F4} -> hppScanTo
{E94E150C-762B-4cd1-8A54-7228A07C0710} -> HP LaserJet 3050/3052/3055/3390/3392 3.0
{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} -> Adobe Flash Player 10 Plugin
{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E} -> PL-2303 USB-to-Serial
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA} -> Toshiba Touchpad Utility
{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1 -> StreamTransport version: 1.0.2.1975
{FE3F3C9B-2C29-4FEE-A74F-11E436729F2C} -> Scan
{FE57DE70-95DE-4B64-9266-84DA811053DB} -> HP Update
05B59228C7E1C21DFBE89260F879BD95880548D8 -> Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)
504244733D18C8F63FF584AEB290E3904E791693 -> Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA -> Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)
Accent OFFICE Password Recovery_is1 -> Accent OFFICE Password Recovery 5.1
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Adobe Shockwave Player -> Adobe Shockwave Player 11.5
Advanced Office 2000 Password Recovery -> Advanced Office 2000 Password Recovery
All ATI Software -> Narzędzie Software Uninstall Utility firmy ATI
ATI Display Driver -> ATI Display Driver
Audacity_is1 -> Audacity 1.2.6
B406677FA530D213D0B10B080DCD1080AE866D39 -> Pakiet sterowników systemu Windows - Ross-Tech USB Driver Package (05/21/2009 2.04.18)
CamStudio -> CamStudio
CCleaner -> CCleaner
Commander -> Commander
Configurator SZE2 ZPAS ABB_is1 -> Configurator SZE2 ZPAS-ABB 11.2009
Creative Centrale -> Creative Centrale
Creative Software AutoUpdate -> Creative Software AutoUpdate
Creative VF0260 -> Creative Live! Cam Vista IM Driver (1.01.03.1104)
Creative WebCam Center -> Creative WebCam Center
DivX Plus DirectShow Filters -> DivX Plus DirectShow Filters
DivX Setup.divx.com -> Configuration DivX
DVD Decrypter 3.5.4.0 Fr -> DVD Decrypter 3.5.4.0 Fr
DVDFab HD Decrypter 4_is1 -> DVDFab HD Decrypter 4.1.2.0
eMule -> eMule
ESET Online Scanner -> ESET Online Scanner v3
Free Mp3 Wma Converter_is1 -> Free Mp3 Wma Converter V 1.93
Free PDF to Word Converter_is1 -> Free PDF to Word Converter 1.5
Free Video to Mp3 Converter_is1 -> Free Video to Mp3 Converter version 2.7
Glary Utilities_is1 -> Glary Utilities 2.33.0.1158
Gordian Knot -> Gordian Knot Rip Pack 0.35.0
Hannover Messe 2011 -> Hannover Messe 2011
Heraldique 8 -> Heraldique 8
HijackThis -> HijackThis 2.0.2
HPExtendedCapabilities -> HP Extended Capabilities 4.7
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs
ie7 -> Windows Internet Explorer 7
ie8 -> Windows Internet Explorer 8
InstallShield_{099D12EC-0321-4CAC-A0CC-33D020156FCD} -> Toshiba Utility
InstallShield_{284BD984-6E5C-4586-80A8-14D85E233497} -> Linksys EasyLink Advisor
InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B} -> NEC Electronics USB 3.0 Host Controller Driver
InstallShield_{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA} -> Toshiba Touchpad Utility
Konfiguratory Szaf ZPAS_is1 -> Konfiguratory ZPAS 05.2009
MailNavigator v.1.12 -> MailNavigator v.1.12
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
MediaMonkey_is1 -> MediaMonkey 3.1
MEMOKEYS 1.9 -> MEMOKEYS 1.9
MemoKeys light edition_is1 -> MemoKeys II Light Edition 2.3
Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 Language Pack SP1 - plk -> Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
Net Transport_is1 -> Net Transport 1.87.258
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs
NOD32 -> System Antywirusowy NOD32
Nokia PC Suite -> Nokia PC Suite
Notepad++ -> Notepad++
Opera 11.01.1190 -> Opera 11.01
Picasa 3 -> Picasa 3
Power Saver -> Program firmy TOSHIBA do oszczędzania energii
Program PC Diagnostic Tool -> Program TOSHIBA PC Narzędzie diagnostyczne
QuickWordtoPDF -> QuickWordtoPDF
Rainlendar2 -> Rainlendar2 (remove only)
Ramboost XP_is1 -> RamBoost XP 4.0.6
RAR Password Cracker -> RAR Password Cracker 4.12
Sarbacane 2 -> Sarbacane 2
Secured Internet Explorer -> Secured Internet Explorer
Security Task Manager -> Security Task Manager 1.8c
SUPER © -> SUPER © Version 2009.bld.36 (June 10, 2009)
Syncrosoft's License Control -> Syncrosoft's License Control
SynTPDeinstKey -> Synaptics Pointing Device Driver
SysInfo -> Creative System Information
TOSHIBA Software Modem -> TOSHIBA Software Modem
Totalcmd -> Total Commander (Remove or Repair)
TransText -> TransText
Unlocker -> Unlocker 1.8.7