x-kom hosting

winrbe32.rom

kierpce
utworzono
utworzono

Witam!

Od jakiegoś czasu przy starcie systemu wyskakuje mi błąd winrbe32.rom

[url="http://img844.imageshack.us/img844/7377/bladg.jpg"]http://img844.images.../7377/bladg.jpg[/url]

Wiecie czym może to być spowodowane ?

Mój system operacyjny to win7 home edition, a ten błąd zaczął się pojawiać bodajże po zainstalowanie Daemon Toolsa ( odinstalowanie go nic nie pomogło ).

Czekam na propozycje.

żadnych pomysłów ?
[color="#ff0000"]
//przenoszę do Bezpieki
//raaz[/color]

raazor90
komentarz
komentarz

Daj loga z OTL i RSIT : http://www.forumpc.pl/index.php?showtopic=104338 temat przenoszę do Bezpieczeństwa

kierpce
komentarz
komentarz

[log]OTL logfile created on: 2010-08-30 22:09:31 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Lecho\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 87,65 Gb Free Space | 75,28% Space Free | Partition Type: NTFS
Drive D: | 332,72 Gb Total Space | 262,12 Gb Free Space | 78,78% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LECHO-KOMPUTER
Current User Name: Lecho
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-08-30 22:07:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Lecho\Desktop\OTL.exe
PRC - [2010-07-23 04:15:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe
PRC - [2010-07-12 18:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- D:\Winamp\winampa.exe
PRC - [2010-07-09 16:02:34 | 001,620,584 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- D:\Avast!\AvastUI.exe
PRC - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- D:\Avast!\AvastSvc.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010-04-11 18:45:35 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010-03-30 11:16:16 | 001,820,040 | ---- | M] (LogMeIn Inc.) -- D:\Hamachi\hamachi-2-ui.exe
PRC - [2010-02-05 19:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010-02-04 23:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010-01-05 22:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009-12-15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-08-12 12:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-06-24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009-02-28 02:10:28 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-12-04 16:03:00 | 000,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-08-30 22:07:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Lecho\Desktop\OTL.exe
MOD - [2010-07-27 16:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2010-07-10 00:38:00 | 000,227,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll
MOD - [2010-07-10 00:38:00 | 000,185,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll
MOD - [2010-07-10 00:38:00 | 000,100,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll
MOD - [2010-07-10 00:38:00 | 000,010,856 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2010-04-07 09:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2010-03-24 08:37:04 | 001,289,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-12-11 09:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-12-11 09:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:13 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 03:15:08 | 001,826,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2009-07-14 03:15:08 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8.dll
MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 03:15:07 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-08-24 08:49:57 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-07-09 16:02:34 | 001,620,584 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- D:\Avast!\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- D:\Avast!\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Avast!\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-04-11 18:06:43 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010-03-30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009-12-15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2008-12-08 17:01:58 | 000,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008-12-04 16:03:00 | 000,226,640 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.onet.pl"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Mozilla Firefox\components [2010-08-02 12:03:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Mozilla Firefox\plugins [2010-08-10 16:15:18 | 000,000,000 | ---D | M]

[2010-08-02 12:03:37 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\mozilla\Extensions
[2010-08-30 16:01:39 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\mozilla\Firefox\Profiles\jivrghcy.default\extensions
[2010-08-20 11:35:02 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\mozilla\Firefox\Profiles\jivrghcy.default\extensions\DTToolbar@toolbarnet.com

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast5] D:\Avast!\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] D:\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2056769762-963543537-2351675136-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001..\Run: [ALLUpdate] D:\ALLPlayerPL\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001..\Run: [EA Core] D:\FIFA 2010\EADM\Core.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2056769762-963543537-2351675136-1000..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 10.lnk = D:\FIFA 2010\Support\EAregister.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Microsoft Office 2003 PL\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office 2003 PL\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{bf31b242-b041-11df-ad25-485b394bfeb1}\Shell - "" = AutoRun
O33 - MountPoints2\{bf31b242-b041-11df-ad25-485b394bfeb1}\Shell\AutoRun\command - "" = H:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]ADSMTray[/b] - hkey= - key= - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
MsConfig:64bit - StartUpReg: [b]ASUS Screen Saver Protector[/b] - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
MsConfig:64bit - StartUpReg: [b]CLMLServer[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - D:\Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-08-30 22:07:56 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Lecho\Desktop\OTL.exe
[2010-08-28 14:05:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010-08-25 17:38:42 | 000,000,000 | ---D | C] -- C:\Windows\Call of Duty Modern Warfare 2 PL
[2010-08-22 23:43:30 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\Updater
[2010-08-22 23:40:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2010-08-22 23:40:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe Systems Shared
[2010-08-22 16:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010-08-22 16:06:56 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010-08-22 16:06:38 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010-08-22 10:39:48 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\NFS SHIFT
[2010-08-22 10:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2010-08-22 10:22:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2010-08-20 14:47:43 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Adobe
[2010-08-20 13:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010-08-20 13:31:02 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\FIFA 10
[2010-08-20 12:02:15 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Leadertech
[2010-08-20 11:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010-08-20 11:34:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2010-08-20 11:30:44 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\DAEMON Tools Lite
[2010-08-09 16:41:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010-08-09 16:41:23 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-08-09 16:41:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010-08-09 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Seven Zip
[2010-08-09 15:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Conexant
[2010-08-09 15:27:44 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Conexant
[2010-08-09 15:13:41 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\LogMeIn Hamachi
[2010-08-04 13:29:01 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Media Player Classic
[2010-08-03 16:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-08-03 16:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-08-03 16:19:04 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu
[2010-08-03 16:17:08 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Gadu-Gadu
[2010-08-03 16:09:11 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Skype
[2010-08-03 16:08:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010-08-03 10:27:12 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010-08-03 10:22:01 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010-08-03 10:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-08-02 20:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ALLPlayer
[2010-08-02 20:22:19 | 000,440,832 | ---- | C] ( ) -- C:\38856.exe
[2010-08-02 20:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010-08-02 20:15:37 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Ventrilo
[2010-08-02 17:43:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010-08-02 17:00:52 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-08-02 16:51:44 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\cache
[2010-08-02 16:50:08 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu 10
[2010-08-02 16:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2010-08-02 16:38:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010-08-02 16:38:54 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Winamp
[2010-08-02 15:37:17 | 000,022,528 | ---- | C] (www.counter-strike.de - MUff[99]) -- C:\Users\Lecho\Desktop\Gamma Control.exe
[2010-08-02 15:35:05 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\WinRAR
[2010-08-02 14:48:19 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\GoBoingo
[2010-08-02 14:47:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boingo
[2010-08-02 14:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\GoBoingo
[2010-08-02 14:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Desktop\Programy
[2010-08-02 14:24:55 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Microsoft Games
[2010-08-02 14:05:23 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\ASUS
[2010-08-02 14:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2010-08-02 14:05:01 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\ASUS
[2010-08-02 13:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010-08-02 13:47:22 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Macromedia
[2010-08-02 13:33:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010-08-02 13:29:49 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Microsoft Help
[2010-08-02 12:03:28 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Mozilla
[2010-08-02 12:03:28 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Mozilla
[2010-08-02 11:55:10 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Adobe
[2010-08-02 11:54:12 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Google
[2010-08-02 11:49:43 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\ASUS WebStorage
[2010-08-02 11:49:43 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Asus WebStorage
[2010-08-02 11:49:40 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\SRS Labs
[2010-08-02 11:49:08 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Searches
[2010-08-02 11:48:59 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Identities
[2010-08-02 11:48:56 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Contacts
[2010-08-02 11:46:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\eBay
[2010-08-02 11:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2010-08-02 11:42:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010-08-02 11:41:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010-08-02 11:41:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010-08-02 11:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010-08-02 11:41:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010-08-02 11:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010-08-02 11:39:37 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2010-08-02 11:39:10 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Power2Go
[2010-08-02 11:39:05 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\VirtualStore
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Ustawienia lokalne
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\AppData\Local\Temporary Internet Files
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Szablony
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\SendTo
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Recent
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\PrintHood
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\NetHood
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Documents\Moje wideo
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Documents\Moje obrazy
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Moje dokumenty
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Documents\Moja muzyka
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Menu Start
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\AppData\Local\Historia
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Dane aplikacji
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\AppData\Local\Dane aplikacji
[2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Cookies
[2010-08-02 11:38:51 | 000,000,000 | --SD | C] -- C:\Users\Lecho\AppData\Roaming\Microsoft
[2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Videos
[2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Saved Games
[2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Pictures
[2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Music
[2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Links
[2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Favorites
[2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Downloads
[2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Documents
[2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Desktop
[2010-08-02 11:38:51 | 000,000,000 | -H-D | C] -- C:\Users\Lecho\AppData
[2010-08-02 11:38:51 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Temp
[2010-08-02 11:38:51 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Microsoft
[2010-08-02 11:38:51 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Media Center Programs
[2008-08-12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-30 22:11:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-08-30 22:07:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Lecho\Desktop\OTL.exe
[2010-08-30 22:04:36 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-08-30 22:03:58 | 001,572,864 | -HS- | M] () -- C:\Users\Lecho\NTUSER.DAT
[2010-08-30 22:03:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-08-30 22:03:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-08-30 22:03:29 | 3054,882,816 | -HS- | M] () -- C:\hiberfil.sys
[2010-08-29 16:44:56 | 007,836,135 | -H-- | M] () -- C:\Users\Lecho\AppData\Local\IconCache.db
[2010-08-28 13:14:45 | 000,020,941 | ---- | M] () -- C:\Users\Lecho\Desktop\blad.jpg
[2010-08-25 17:53:41 | 000,000,747 | ---- | M] () -- C:\Users\Lecho\Desktop\Call of Duty Modern Warfare 2 PL SP.lnk
[2010-08-25 17:53:41 | 000,000,747 | ---- | M] () -- C:\Users\Lecho\Desktop\Call of Duty Modern Warfare 2 PL MP.lnk
[2010-08-22 23:46:15 | 000,108,352 | ---- | M] () -- C:\Users\Lecho\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-08-22 23:40:55 | 000,001,383 | ---- | M] () -- C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2010-08-22 23:40:07 | 000,001,568 | ---- | M] () -- C:\Users\Lecho\Desktop\Adobe Photoshop CS2.lnk
[2010-08-20 12:02:25 | 000,000,831 | ---- | M] () -- C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 10.lnk
[2010-08-09 16:42:05 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI
[2010-08-09 16:17:34 | 000,000,387 | ---- | M] () -- C:\Windows\win.ini
[2010-08-03 16:48:41 | 000,000,588 | ---- | M] () -- C:\Users\Lecho\Desktop\JDownloader.lnk
[2010-08-03 16:17:08 | 000,000,669 | ---- | M] () -- C:\Users\Lecho\Desktop\Gadu-Gadu.lnk
[2010-08-03 16:09:08 | 000,002,477 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-08-03 10:27:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010-08-03 10:22:34 | 000,000,575 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2010-08-03 10:20:27 | 046,276,984 | ---- | M] () -- C:\Users\Lecho\AppData\Local\Avast_PRO_PL.exe
[2010-08-03 10:20:22 | 000,159,744 | ---- | M] () -- C:\Users\Lecho\AppData\Local\ac.exe
[2010-08-03 09:57:02 | 502,173,377 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010-08-03 02:35:10 | 000,064,519 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010-08-02 20:49:47 | 000,000,634 | ---- | M] () -- C:\Users\Lecho\Desktop\ALLPlayer V4.4.lnk
[2010-08-02 20:22:13 | 000,000,252 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010-08-02 16:51:44 | 000,002,432 | ---- | M] () -- C:\Users\Lecho\AppData\Local\TempbU1528.html
[2010-08-02 16:51:44 | 000,002,089 | ---- | M] () -- C:\Users\Lecho\AppData\Local\Temppt1528.html
[2010-08-02 16:47:47 | 000,000,482 | ---- | M] () -- C:\Users\Lecho\Desktop\DATA (D).lnk
[2010-08-02 16:47:35 | 000,000,494 | ---- | M] () -- C:\Users\Lecho\Desktop\OS (C).lnk
[2010-08-02 16:40:07 | 000,000,528 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010-08-02 14:00:04 | 000,000,542 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010-08-02 13:43:21 | 000,524,288 | -HS- | M] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-02 13:43:21 | 000,524,288 | -HS- | M] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-02 13:43:21 | 000,065,536 | -HS- | M] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-02 12:03:19 | 000,000,640 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-02 11:38:52 | 000,000,020 | -HS- | M] () -- C:\Users\Lecho\ntuser.ini
[2010-07-30 06:22:35 | 000,000,048 | ---- | M] () -- C:\597.ini
[2010-07-28 11:54:07 | 000,440,832 | ---- | M] ( ) -- C:\38856.exe
[2010-07-10 00:38:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-28 13:14:45 | 000,020,941 | ---- | C] () -- C:\Users\Lecho\Desktop\blad.jpg
[2010-08-25 17:53:41 | 000,000,747 | ---- | C] () -- C:\Users\Lecho\Desktop\Call of Duty Modern Warfare 2 PL SP.lnk
[2010-08-25 17:53:41 | 000,000,747 | ---- | C] () -- C:\Users\Lecho\Desktop\Call of Duty Modern Warfare 2 PL MP.lnk
[2010-08-22 23:42:10 | 000,001,568 | ---- | C] () -- C:\Users\Lecho\Desktop\Adobe Photoshop CS2.lnk
[2010-08-22 23:40:55 | 000,001,383 | ---- | C] () -- C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2010-08-21 12:47:47 | 007,494,337 | ---- | C] () -- C:\Users\Lecho\Desktop\FIFA10.exe
[2010-08-20 12:02:25 | 000,000,831 | ---- | C] () -- C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 10.lnk
[2010-08-09 16:42:05 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-08-03 21:18:26 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-08-03 16:48:41 | 000,000,588 | ---- | C] () -- C:\Users\Lecho\Desktop\JDownloader.lnk
[2010-08-03 16:17:08 | 000,000,669 | ---- | C] () -- C:\Users\Lecho\Desktop\Gadu-Gadu.lnk
[2010-08-03 16:09:08 | 000,002,477 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-08-03 10:22:34 | 000,000,575 | ---- | C] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2010-08-03 10:22:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010-08-03 10:17:58 | 046,276,984 | ---- | C] () -- C:\Users\Lecho\AppData\Local\Avast_PRO_PL.exe
[2010-08-03 10:17:58 | 000,159,744 | ---- | C] () -- C:\Users\Lecho\AppData\Local\ac.exe
[2010-08-03 02:32:23 | 3054,882,816 | -HS- | C] () -- C:\hiberfil.sys
[2010-08-02 20:49:47 | 000,000,634 | ---- | C] () -- C:\Users\Lecho\Desktop\ALLPlayer V4.4.lnk
[2010-08-02 20:49:41 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-08-02 20:49:41 | 000,797,184 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax
[2010-08-02 20:49:41 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2010-08-02 20:31:11 | 000,561,152 | ---- | C] () -- C:\Users\Lecho\Desktop\Ventrilo.exe
[2010-08-02 20:22:19 | 000,000,048 | ---- | C] () -- C:\597.ini
[2010-08-02 20:22:10 | 000,000,252 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010-08-02 17:00:38 | 502,173,377 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010-08-02 16:51:44 | 000,002,432 | ---- | C] () -- C:\Users\Lecho\AppData\Local\TempbU1528.html
[2010-08-02 16:51:44 | 000,002,089 | ---- | C] () -- C:\Users\Lecho\AppData\Local\Temppt1528.html
[2010-08-02 16:47:24 | 000,000,494 | ---- | C] () -- C:\Users\Lecho\Desktop\OS (C).lnk
[2010-08-02 16:47:24 | 000,000,482 | ---- | C] () -- C:\Users\Lecho\Desktop\DATA (D).lnk
[2010-08-02 16:40:07 | 000,000,528 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010-08-02 13:53:20 | 000,000,542 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010-08-02 12:03:19 | 000,000,640 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-02 11:38:52 | 000,524,288 | -HS- | C] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-02 11:38:52 | 000,524,288 | -HS- | C] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-02 11:38:52 | 000,262,144 | -HS- | C] () -- C:\Users\Lecho\ntuser.dat.LOG1
[2010-08-02 11:38:52 | 000,065,536 | -HS- | C] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-02 11:38:52 | 000,000,020 | -HS- | C] () -- C:\Users\Lecho\ntuser.ini
[2010-08-02 11:38:52 | 000,000,000 | -HS- | C] () -- C:\Users\Lecho\ntuser.dat.LOG2
[2010-08-02 11:38:51 | 001,572,864 | -HS- | C] () -- C:\Users\Lecho\NTUSER.DAT
[2010-04-11 18:45:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010-04-11 18:21:14 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010-04-11 18:02:23 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010-04-11 18:02:01 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010-01-08 05:19:07 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010-01-08 05:19:07 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009-08-19 10:33:09 | 000,000,232 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009-07-29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009-04-08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008-05-22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007-06-12 18:34:50 | 000,035,822 | ---- | C] () -- C:\Program Files (x86)\Common Files\ASPG_icon.ico
[2006-05-19 05:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[1997-06-14 02:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-08-02 11:58:16 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\Asus WebStorage
[2010-08-20 11:49:52 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\DAEMON Tools Lite
[2010-08-03 16:19:04 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu
[2010-08-02 16:51:44 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu 10
[2010-08-02 14:48:19 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\GoBoingo
[2010-08-20 12:02:15 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\Leadertech
[2009-07-14 07:08:49 | 000,028,730 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-07-28 11:54:07 | 000,440,832 | ---- | M] ( ) -- C:\38856.exe
[2010-07-30 06:22:35 | 000,000,048 | ---- | M] () -- C:\597.ini
[2009-06-15 13:11:59 | 000,000,054 | ---- | M] () -- C:\AdobeReader.log
[2009-07-14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009-07-29 08:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-04-11 18:59:08 | 000,014,525 | ---- | M] () -- C:\devlist.txt
[2010-04-11 18:59:07 | 000,000,009 | ---- | M] () -- C:\Finish.log
[2010-08-30 22:03:29 | 3054,882,816 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-11 18:35:00 | 003,357,381 | ---- | M] () -- C:\inject.log.txt
[2010-03-16 13:11:15 | 002,097,152 | -H-- | M] () -- C:\K52Jc.BIN
[2010-03-22 10:15:58 | 000,000,018 | ---- | M] () -- C:\K52JC_WIN7.10
[2009-06-12 03:32:00 | 000,000,057 | ---- | M] () -- C:\OFFICE2007_M.TXT
[2010-08-30 22:03:32 | 4073,177,088 | -HS- | M] () -- C:\pagefile.sys
[2010-04-11 06:11:13 | 000,000,146 | ---- | M] () -- C:\Pass.txt
[2010-02-24 03:41:55 | 000,000,512 | ---- | M] () -- C:\Patch_Win7.log
[2010-03-22 10:15:58 | 000,000,007 | ---- | M] () -- C:\RECOVERY.DAT
[2010-04-11 18:45:22 | 000,000,090 | ---- | M] () -- C:\setup.log
[2006-05-14 10:22:24 | 000,000,005 | ---- | M] () -- C:\store.log
[2010-04-11 17:50:46 | 000,000,170 | ---- | M] () -- C:\SumHidd.txt
[2010-04-11 17:49:33 | 000,000,098 | ---- | M] () -- C:\SumOS.txt
[2009-09-16 20:04:46 | 000,000,024 | ---- | M] () -- C:\v82.txt


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010-04-11 18:34:36 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010-04-11 18:34:36 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA
< End of report >
[/log]

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Lecho at 2010-08-30 22:18:23
Microsoft Windows 7 Home Premium
System drive C: has 90 GB (75%) free of 119 GB
Total RAM: 3884 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:30, on 2010-08-30
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
D:\Winamp\winampa.exe
D:\Avast!\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
D:\Mozilla Firefox\firefox.exe
C:\Users\Lecho\Desktop\OTL.exe
C:\Users\Lecho\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Lecho.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Pomocnik rejestrowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\java\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast5] "D:\Avast!\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [ALLUpdate] "D:\ALLPlayerPL\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [EA Core] "D:\FIFA 2010\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe winrbe32.rom,POaczpu
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-21-2056769762-963543537-2351675136-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2056769762-963543537-2351675136-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Rejestracja FIFA 10.lnk = D:\FIFA 2010\Support\EAregister.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Avast!\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - D:\Avast!\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - D:\Avast!\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11922 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2010-04-11 433648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnik rejestrowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-11 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-11 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-11 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\java\bin\jp2ssv.dll [2010-08-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-11 256112]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-08-02 2429]
"WinampAgent"=D:\Winamp\winampa.exe [2010-07-12 74752]
"avast5"=D:\Avast!\avastUI.exe [2010-06-28 2837864]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"LogMeIn Hamachi Ui"=D:\Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"=D:\ALLPlayerPL\ALLPlayer\ALLUpdate.exe [2010-03-24 1432064]
"EA Core"=D:\FIFA 2010\EADM\Core.exe -silent []
"MSSMSGS"=winrbe32.rom,POaczpu []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Rejestracja FIFA 10.lnk - D:\FIFA 2010\Support\EAregister.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-30 22:18:23 ----D---- C:\rsit
2010-08-30 22:18:23 ----D---- C:\Program Files (x86)\trend micro
2010-08-28 14:05:15 ----D---- C:\Program Files (x86)\Lavalys
2010-08-25 17:38:42 ----D---- C:\Windows\Call of Duty Modern Warfare 2 PL
2010-08-25 10:41:51 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2010-08-22 23:40:34 ----D---- C:\Program Files (x86)\Common Files\Adobe Systems Shared
2010-08-22 16:24:09 ----D---- C:\ProgramData\NVIDIA Corporation
2010-08-22 16:06:56 ----A---- C:\Windows\SysWOW64\OpenCL.dll
2010-08-22 16:06:56 ----A---- C:\Windows\SysWOW64\nvwgf2um.dll
2010-08-22 16:06:56 ----A---- C:\Windows\SysWOW64\nvumdshim.dll
2010-08-22 16:06:54 ----A---- C:\Windows\SysWOW64\nvoglv32.dll
2010-08-22 16:06:54 ----A---- C:\Windows\SysWOW64\nvdecodemft.dll
2010-08-22 16:06:51 ----A---- C:\Windows\SysWOW64\nvd3dum.dll
2010-08-22 16:06:51 ----A---- C:\Windows\SysWOW64\nvcuvid.dll
2010-08-22 16:06:49 ----A---- C:\Windows\SysWOW64\nvcuvenc.dll
2010-08-22 16:06:49 ----A---- C:\Windows\SysWOW64\nvcuda.dll
2010-08-22 16:06:49 ----A---- C:\Windows\SysWOW64\nvcompiler.dll
2010-08-22 16:06:46 ----A---- C:\Windows\SysWOW64\nvapi.dll
2010-08-22 16:06:38 ----D---- C:\NVIDIA
2010-08-22 10:28:47 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2010-08-22 10:28:47 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2010-08-22 10:28:47 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2010-08-22 10:28:45 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2010-08-22 10:28:45 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2010-08-22 10:28:45 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2010-08-22 10:28:44 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2010-08-22 10:28:44 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2010-08-22 10:28:44 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2010-08-22 10:28:44 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2010-08-22 10:28:43 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2010-08-22 10:28:43 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2010-08-22 10:28:43 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2010-08-22 10:28:43 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2010-08-22 10:28:41 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2010-08-22 10:28:39 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2010-08-22 10:28:39 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2010-08-22 10:28:39 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2010-08-22 10:28:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2010-08-22 10:28:38 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2010-08-22 10:28:38 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2010-08-22 10:28:36 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2010-08-22 10:28:36 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2010-08-22 10:28:35 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2010-08-22 10:28:35 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2010-08-22 10:28:34 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2010-08-22 10:28:34 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2010-08-22 10:28:34 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2010-08-22 10:28:33 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2010-08-22 10:28:33 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2010-08-22 10:28:33 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2010-08-22 10:28:33 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2010-08-22 10:28:32 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2010-08-22 10:28:31 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2010-08-22 10:28:31 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2010-08-22 10:28:30 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2010-08-22 10:28:30 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2010-08-22 10:28:30 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2010-08-22 10:28:29 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2010-08-22 10:28:29 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2010-08-22 10:28:28 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2010-08-22 10:28:28 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2010-08-22 10:28:27 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2010-08-22 10:28:27 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2010-08-22 10:28:26 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2010-08-22 10:28:19 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2010-08-22 10:28:19 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2010-08-22 10:22:57 ----D---- C:\Windows\SysWOW64\AGEIA
2010-08-22 10:22:57 ----D---- C:\Program Files (x86)\AGEIA Technologies
2010-08-20 13:31:03 ----D---- C:\ProgramData\Electronic Arts
2010-08-20 12:02:15 ----D---- C:\Users\Lecho\AppData\Roaming\Leadertech
2010-08-20 11:55:09 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2010-08-20 11:55:08 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2010-08-20 11:55:08 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2010-08-20 11:55:08 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2010-08-20 11:55:08 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2010-08-20 11:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2010-08-20 11:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2010-08-20 11:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2010-08-20 11:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2010-08-20 11:55:02 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2010-08-20 11:55:02 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2010-08-20 11:55:02 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2010-08-20 11:35:10 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-08-20 11:34:49 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2010-08-20 11:30:44 ----D---- C:\Users\Lecho\AppData\Roaming\DAEMON Tools Lite
2010-08-12 19:04:46 ----A---- C:\Windows\SysWOW64\schannel.dll
2010-08-12 18:58:24 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2010-08-12 18:58:24 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2010-08-12 18:58:14 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-08-12 18:58:12 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-08-12 18:58:10 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-08-12 18:58:10 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-08-12 18:58:10 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-08-12 18:58:10 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-08-12 18:58:09 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-08-12 18:58:08 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-08-12 18:58:08 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-08-12 18:58:07 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-08-12 18:58:07 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-08-12 18:58:00 ----A---- C:\Windows\SysWOW64\rtutils.dll
2010-08-12 18:57:58 ----A---- C:\Windows\SysWOW64\iccvid.dll
2010-08-12 18:11:24 ----A---- C:\Windows\SysWOW64\msxml3.dll
2010-08-09 16:42:05 ----A---- C:\Windows\ODBC.INI
2010-08-09 16:41:28 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2010-08-09 16:41:23 ----D---- C:\Windows\PCHEALTH
2010-08-09 16:41:23 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-08-09 15:27:45 ----D---- C:\ProgramData\Conexant
2010-08-04 13:29:01 ----D---- C:\Users\Lecho\AppData\Roaming\Media Player Classic
2010-08-03 21:18:26 ----A---- C:\Windows\SysWOW64\unrar.dll
2010-08-03 16:38:57 ----D---- C:\ProgramData\Sun
2010-08-03 16:38:56 ----D---- C:\Program Files (x86)\Common Files\Java
2010-08-03 16:38:43 ----A---- C:\Windows\SysWOW64\javaws.exe
2010-08-03 16:38:43 ----A---- C:\Windows\SysWOW64\javaw.exe
2010-08-03 16:38:43 ----A---- C:\Windows\SysWOW64\java.exe
2010-08-03 16:38:43 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2010-08-03 16:19:04 ----D---- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu
2010-08-03 16:09:11 ----D---- C:\Users\Lecho\AppData\Roaming\Skype
2010-08-03 16:08:57 ----D---- C:\ProgramData\Skype
2010-08-03 14:45:15 ----A---- C:\Windows\SysWOW64\shell32.dll
2010-08-03 10:22:01 ----A---- C:\Windows\SysWOW64\aswBoot.exe
2010-08-03 10:21:59 ----D---- C:\ProgramData\Alwil Software
2010-08-03 02:32:31 ----ASH---- C:\pagefile.sys
2010-08-03 02:32:23 ----ASH---- C:\hiberfil.sys
2010-08-02 20:49:41 ----D---- C:\ProgramData\ALLPlayer
2010-08-02 20:49:41 ----A---- C:\Windows\SysWOW64\xvidcore.dll
2010-08-02 20:49:41 ----A---- C:\Windows\SysWOW64\libFLAC.dll
2010-08-02 20:22:19 ----A---- C:\597.ini
2010-08-02 20:22:19 ----A---- C:\38856.exe
2010-08-02 20:22:10 ----A---- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2010-08-02 20:21:29 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-08-02 20:15:37 ----D---- C:\Users\Lecho\AppData\Roaming\Ventrilo
2010-08-02 17:43:58 ----D---- C:\Windows\SysWOW64\Wat
2010-08-02 17:00:52 ----D---- C:\Windows\Minidump
2010-08-02 16:50:08 ----D---- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu 10
2010-08-02 16:50:05 ----D---- C:\ProgramData\Gadu-Gadu 10
2010-08-02 16:40:06 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2010-08-02 16:40:04 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2010-08-02 16:38:57 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-08-02 16:38:54 ----D---- C:\Users\Lecho\AppData\Roaming\Winamp
2010-08-02 15:35:05 ----D---- C:\Users\Lecho\AppData\Roaming\WinRAR
2010-08-02 14:48:19 ----D---- C:\Users\Lecho\AppData\Roaming\GoBoingo
2010-08-02 14:47:02 ----D---- C:\Program Files (x86)\Boingo
2010-08-02 14:47:01 ----D---- C:\ProgramData\GoBoingo
2010-08-02 14:05:04 ----D---- C:\ProgramData\ASUS
2010-08-02 13:53:21 ----D---- C:\Program Files (x86)\Common Files\Steam
2010-08-02 13:47:22 ----D---- C:\Users\Lecho\AppData\Roaming\Macromedia
2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\mscoree.dll
2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\dfshim.dll
2010-08-02 13:33:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-08-02 12:26:11 ----A---- C:\Windows\SysWOW64\sspicli.dll
2010-08-02 12:26:11 ----A---- C:\Windows\SysWOW64\secur32.dll
2010-08-02 12:23:13 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2010-08-02 12:23:12 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2010-08-02 12:14:39 ----A---- C:\Windows\SysWOW64\ntdll.dll
2010-08-02 12:14:38 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-08-02 12:14:37 ----A---- C:\Windows\SysWOW64\atmlib.dll
2010-08-02 12:14:37 ----A---- C:\Windows\SysWOW64\atmfd.dll
2010-08-02 12:14:36 ----A---- C:\Windows\SysWOW64\setup16.exe
2010-08-02 12:14:36 ----A---- C:\Windows\SysWOW64\jscript.dll
2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\wow32.dll
2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\vbscript.dll
2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\user.exe
2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\instnm.exe
2010-08-02 12:14:32 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2010-08-02 12:14:25 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-08-02 12:03:28 ----D---- C:\Users\Lecho\AppData\Roaming\Mozilla
2010-08-02 12:02:30 ----A---- C:\Windows\SysWOW64\cabview.dll
2010-08-02 12:02:29 ----A---- C:\Windows\SysWOW64\wintrust.dll
2010-08-02 11:55:10 ----D---- C:\Users\Lecho\AppData\Roaming\Adobe
2010-08-02 11:49:43 ----D---- C:\Users\Lecho\AppData\Roaming\Asus WebStorage
2010-08-02 11:48:59 ----D---- C:\Users\Lecho\AppData\Roaming\Identities
2010-08-02 11:43:37 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2010-08-02 11:43:01 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2010-08-02 11:42:18 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2010-08-02 11:41:29 ----D---- C:\Program Files (x86)\Microsoft
2010-08-02 11:41:14 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2010-08-02 11:41:08 ----D---- C:\Program Files (x86)\Windows Live
2010-08-02 11:40:00 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2010-08-02 11:39:37 ----HD---- C:\ASUS.DAT
2010-08-02 11:38:51 ----SD---- C:\Users\Lecho\AppData\Roaming\Microsoft
2010-08-02 11:38:51 ----D---- C:\Users\Lecho\AppData\Roaming\Media Center Programs

======List of files/folders modified in the last 1 months======

2010-08-30 22:18:27 ----D---- C:\Windows\Temp
2010-08-30 22:18:23 ----RD---- C:\Program Files (x86)
2010-08-30 22:03:45 ----A---- C:\Windows\SysWOW64\log.txt
2010-08-29 20:18:01 ----D---- C:\Windows\Prefetch
2010-08-27 11:18:16 ----SHD---- C:\System Volume Information
2010-08-25 22:45:12 ----D---- C:\Windows\winsxs
2010-08-25 22:44:43 ----D---- C:\Windows\SysWOW64
2010-08-25 22:44:43 ----D---- C:\Windows\System32
2010-08-25 20:11:56 ----D---- C:\Windows\AppPatch
2010-08-25 17:38:42 ----D---- C:\Windows
2010-08-22 23:41:33 ----SHD---- C:\Windows\Installer
2010-08-22 23:41:30 ----D---- C:\Program Files (x86)\Adobe
2010-08-22 23:40:54 ----D---- C:\Program Files (x86)\Common Files\Adobe
2010-08-22 23:40:34 ----D---- C:\Program Files (x86)\Common Files
2010-08-22 23:39:48 ----D---- C:\ProgramData\Adobe
2010-08-22 19:52:00 ----D---- C:\Windows\SysWOW64\NV
2010-08-22 16:26:01 ----D---- C:\ProgramData\NVIDIA
2010-08-22 16:24:09 ----HD---- C:\ProgramData
2010-08-22 16:24:02 ----RD---- C:\Program Files
2010-08-22 16:24:02 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-08-22 16:24:00 ----D---- C:\Windows\inf
2010-08-22 10:28:26 ----RSD---- C:\Windows\assembly
2010-08-20 15:04:00 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2010-08-20 11:55:04 ----D---- C:\Windows\Microsoft.NET
2010-08-20 11:34:56 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-13 13:35:38 ----SD---- C:\ProgramData\Microsoft
2010-08-12 22:37:02 ----D---- C:\Windows\SysWOW64\migration
2010-08-12 21:20:05 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-08-09 16:41:30 ----RSD---- C:\Windows\Fonts
2010-08-09 16:41:29 ----D---- C:\Windows\ShellNew
2010-08-09 16:40:15 ----D---- C:\Windows\system
2010-08-09 16:33:53 ----D---- C:\Program Files (x86)\ASUS
2010-08-09 16:21:57 ----D---- C:\ProgramData\Microsoft Help
2010-08-09 16:21:52 ----D---- C:\Program Files (x86)\Microsoft Office
2010-08-09 16:20:06 ----D---- C:\Program Files (x86)\Common Files\System
2010-08-09 16:17:34 ----A---- C:\Windows\win.ini
2010-08-04 12:51:08 ----D---- C:\Windows\rescache
2010-08-04 02:27:49 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-08-04 02:27:49 ----D---- C:\Program Files (x86)\Windows Media Player
2010-08-04 02:27:49 ----D---- C:\Program Files (x86)\Windows Mail
2010-08-04 02:27:48 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2010-08-04 02:27:48 ----D---- C:\Program Files (x86)\Windows Defender
2010-08-04 02:27:47 ----D---- C:\Windows\servicing
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\XPSViewer
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\winrm
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\WCN
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\wbem
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\slmgr
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\Printing_Admin_Scripts
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\MUI
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\migwiz
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\DriverStore
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\drivers
2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\Dism
2010-08-04 02:27:46 ----D---- C:\Windows\ehome
2010-08-04 02:27:45 ----D---- C:\Windows\SysWOW64\hu-HU
2010-08-04 02:27:40 ----D---- C:\Windows\SysWOW64\com
2010-08-04 02:27:40 ----D---- C:\Windows\PolicyDefinitions
2010-08-04 02:27:40 ----D---- C:\Windows\IME
2010-08-04 02:27:15 ----D---- C:\Windows\SysWOW64\en-US
2010-08-04 02:27:15 ----D---- C:\Windows\SysWOW64\en
2010-08-04 02:27:15 ----D---- C:\Windows\SysWOW64\drivers\en-US
2010-08-04 02:27:10 ----D---- C:\Windows\SysWOW64\sl-SI
2010-08-04 02:27:07 ----D---- C:\Windows\en-US
2010-08-04 02:26:41 ----D---- C:\Windows\SysWOW64\sk-SK
2010-08-04 02:26:25 ----D---- C:\Windows\SysWOW64\sr-Latn-CS
2010-08-03 18:31:08 ----D---- C:\Windows\SysWOW64\ro-RO
2010-08-03 18:30:01 ----D---- C:\Windows\SysWOW64\lv-LV
2010-08-03 18:28:52 ----D---- C:\Windows\SysWOW64\lt-LT
2010-08-03 18:27:38 ----D---- C:\Windows\SysWOW64\et-EE
2010-08-03 18:26:20 ----D---- C:\Windows\SysWOW64\cs-CZ
2010-08-03 18:24:30 ----D---- C:\Windows\SysWOW64\hr-HR
2010-08-03 18:22:59 ----D---- C:\Windows\SysWOW64\bg-BG
2010-08-03 18:20:10 ----D---- C:\Windows\Speech
2010-08-02 16:39:32 ----D---- C:\Windows\Logs
2010-08-02 14:13:58 ----AD---- C:\ProgramData\Temp
2010-08-02 13:43:25 ----D---- C:\Windows\SysWOW64\pl-PL
2010-08-02 13:38:53 ----D---- C:\Windows\debug
2010-08-02 13:30:33 ----D---- C:\Windows\SoftwareDistribution
2010-08-02 11:48:55 ----SHD---- C:\$Recycle.Bin
2010-08-02 11:38:51 ----RD---- C:\Users
2010-08-02 11:37:00 ----SHD---- C:\Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\SysWOW64\drivers\AsDsm.sys []
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys []
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys []
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys []
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; D:\Avast!\AvastSvc.exe [2010-06-28 40384]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Hamachi\hamachi-2.exe [2010-03-30 1823112]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-07-09 1620584]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Avast!\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; D:\Avast!\AvastSvc.exe [2010-06-28 40384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-11 135664]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-08-22 72704]
S3 fsssvc;Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-11 182768]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2010-04-11 332272]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-08-24 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Odinstaluj Deamon Tools Toolbar.

W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()C:\Program Files (x86)\DAEMON Tools Toolbar
O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe winrbe32.rom,POaczpu

:Files
C:\Users\Lecho\AppData\Local\ac.exe
C:\Users\Lecho\AppData\Local\TempbU1528.html
C:\Users\Lecho\AppData\Local\Temppt1528.html
C:\38856.exe
C:\597.ini

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSSMSGS"=-

Services:
MSSMSGS

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Klikasz run fix, komputer uruchamia się ponownie.



Do [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]System Look[/b][/url] wklej:
[code]Filefind:
winrbe32.rom
[/code]
Wciśnij look, pokaż co wyskoczyło.

Wrzuć log z usuwania oraz nowe logi OTL i RSIT.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.