kierpce posted 29 August 2010
Hello! For some time now, a winrbe32.rom error has been popping up at system startup: http://img844.imageshack.us/img844/7377/bladg.jpg Do you know what might be causing this? My operating system is Win7 Home Edition, and the error started appearing, I believe, after installing Daemon Tools (uninstalling it did not help). Waiting for suggestions. No ideas?
// moving to Security // raaz
raazor90 comment 29 August 2010
Post the logs from OTL and RSIT: http://www.forumpc.pl/index.php?showtopic=104338 I am moving the topic to Security.
kierpce (Author) comment 30 August 2010
[log]OTL logfile created on: 2010-08-30 22:09:31 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Lecho\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 116,44 Gb Total Space | 87,65 Gb Free Space | 75,28% Space Free | Partition Type: NTFS Drive D: | 332,72 Gb Total Space | 262,12 Gb Free Space | 78,78% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LECHO-KOMPUTER Current User Name: Lecho Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-30 22:07:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Lecho\Desktop\OTL.exe PRC - [2010-07-23 04:15:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe PRC - [2010-07-12 18:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.)
-- D:\Winamp\winampa.exe PRC - [2010-07-09 16:02:34 | 001,620,584 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- D:\Avast!\AvastUI.exe PRC - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- D:\Avast!\AvastSvc.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2010-04-11 18:45:35 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2010-03-30 11:16:16 | 001,820,040 | ---- | M] (LogMeIn Inc.) -- D:\Hamachi\hamachi-2-ui.exe PRC - [2010-02-05 19:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2010-02-04 23:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2010-01-05 22:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2010-01-05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2009-12-15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009-11-24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe PRC - [2009-11-02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009-08-12 12:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) 
-- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe PRC - [2009-07-31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe PRC - [2009-06-24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe PRC - [2009-06-19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009-06-19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2009-02-28 02:10:28 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2008-12-04 16:03:00 | 000,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) 
-- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-30 22:07:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Lecho\Desktop\OTL.exe MOD - [2010-07-27 16:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2010-07-10 00:38:00 | 000,227,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll MOD - [2010-07-10 00:38:00 | 000,185,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll MOD - [2010-07-10 00:38:00 | 000,100,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll MOD - [2010-07-10 00:38:00 | 000,010,856 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2010-04-07 09:10:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2010-03-24 08:37:04 | 001,289,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-12-11 09:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-12-11 09:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - 
[2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 03:15:13 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll 
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009-07-14 03:15:08 | 001,826,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2009-07-14 03:15:08 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8.dll MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll MOD - [2009-07-14 03:15:07 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysWOW64\user32.dll MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-08-24 08:49:57 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-07-09 16:02:34 | 001,620,584 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- D:\Avast!\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- D:\Avast!\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Avast!\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-04-11 18:06:43 | 000,332,272 | ---- | M] (Google Inc.) 
[On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service) SRV - [2010-03-30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2009-12-15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009-06-16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2008-12-08 17:01:58 | 000,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2008-12-04 16:03:00 | 000,226,640 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) 
[On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-07-03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com IE - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.onet.pl" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Mozilla Firefox\components [2010-08-02 12:03:28 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Mozilla Firefox\plugins [2010-08-10 16:15:18 | 000,000,000 | ---D | M] [2010-08-02 12:03:37 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\mozilla\Extensions [2010-08-30 16:01:39 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\mozilla\Firefox\Profiles\jivrghcy.default\extensions [2010-08-20 11:35:02 | 
000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\mozilla\Firefox\Profiles\jivrghcy.default\extensions\DTToolbar@toolbarnet.com O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.) O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avast5] D:\Avast!\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk () O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [WinampAgent] D:\Winamp\winampa.exe (Nullsoft, Inc.) 
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2056769762-963543537-2351675136-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001..\Run: [ALLUpdate] D:\ALLPlayerPL\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001..\Run: [EA Core] D:\FIFA 2010\EADM\Core.exe File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-21-2056769762-963543537-2351675136-1000..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - Startup: C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
O4 - Startup: C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 10.lnk = D:\FIFA 2010\Support\EAregister.exe (Leader Technologies) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Microsoft Office 2003 PL\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office 2003 PL\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 
- HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe 
(Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{bf31b242-b041-11df-ad25-485b394bfeb1}\Shell - "" = AutoRun O33 - MountPoints2\{bf31b242-b041-11df-ad25-485b394bfeb1}\Shell\AutoRun\command - "" = H:\Setup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]ADSMTray[/b] - hkey= - key= - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.) 
MsConfig:64bit - StartUpReg: [b]ASUS Screen Saver Protector[/b] - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS) MsConfig:64bit - StartUpReg: [b]CLMLServer[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - 
Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - D:\Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive 
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-30 22:07:56 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Lecho\Desktop\OTL.exe [2010-08-28 14:05:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys [2010-08-25 17:38:42 | 000,000,000 | ---D | C] -- C:\Windows\Call of Duty Modern Warfare 2 PL [2010-08-22 23:43:30 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\Updater [2010-08-22 23:40:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF [2010-08-22 23:40:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe Systems Shared [2010-08-22 16:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010-08-22 16:06:56 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2010-08-22 16:06:38 | 000,000,000 | ---D | C] -- C:\NVIDIA [2010-08-22 10:39:48 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\NFS SHIFT [2010-08-22 10:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2010-08-22 10:22:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA [2010-08-20 14:47:43 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Adobe [2010-08-20 13:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2010-08-20 13:31:02 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\FIFA 10 [2010-08-20 12:02:15 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Leadertech [2010-08-20 
11:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2010-08-20 11:34:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar [2010-08-20 11:30:44 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\DAEMON Tools Lite [2010-08-09 16:41:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2010-08-09 16:41:23 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010-08-09 16:41:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2010-08-09 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Seven Zip [2010-08-09 15:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Conexant [2010-08-09 15:27:44 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Conexant [2010-08-09 15:13:41 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\LogMeIn Hamachi [2010-08-04 13:29:01 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Media Player Classic [2010-08-03 16:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010-08-03 16:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2010-08-03 16:19:04 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu [2010-08-03 16:17:08 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Gadu-Gadu [2010-08-03 16:09:11 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Skype [2010-08-03 16:08:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010-08-03 10:27:12 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr [2010-08-03 10:22:01 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2010-08-03 10:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software [2010-08-02 20:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ALLPlayer [2010-08-02 20:22:19 | 000,440,832 | ---- | C] ( ) -- C:\38856.exe [2010-08-02 20:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2010-08-02 20:15:37 | 
000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Ventrilo [2010-08-02 17:43:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2010-08-02 17:00:52 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010-08-02 16:51:44 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\cache [2010-08-02 16:50:08 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu 10 [2010-08-02 16:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10 [2010-08-02 16:38:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2010-08-02 16:38:54 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Winamp [2010-08-02 15:37:17 | 000,022,528 | ---- | C] (www.counter-strike.de - MUff[99]) -- C:\Users\Lecho\Desktop\Gamma Control.exe [2010-08-02 15:35:05 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\WinRAR [2010-08-02 14:48:19 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\GoBoingo [2010-08-02 14:47:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boingo [2010-08-02 14:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\GoBoingo [2010-08-02 14:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Desktop\Programy [2010-08-02 14:24:55 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Microsoft Games [2010-08-02 14:05:23 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\ASUS [2010-08-02 14:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS [2010-08-02 14:05:01 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\ASUS [2010-08-02 13:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2010-08-02 13:47:22 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Macromedia [2010-08-02 13:33:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2010-08-02 13:29:49 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Microsoft Help [2010-08-02 12:03:28 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Mozilla 
[2010-08-02 12:03:28 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Mozilla [2010-08-02 11:55:10 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Adobe [2010-08-02 11:54:12 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Google [2010-08-02 11:49:43 | 000,000,000 | ---D | C] -- C:\Users\Lecho\Documents\ASUS WebStorage [2010-08-02 11:49:43 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Asus WebStorage [2010-08-02 11:49:40 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\SRS Labs [2010-08-02 11:49:08 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Searches [2010-08-02 11:48:59 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Identities [2010-08-02 11:48:56 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Contacts [2010-08-02 11:46:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\eBay [2010-08-02 11:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2010-08-02 11:42:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2010-08-02 11:41:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2010-08-02 11:41:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010-08-02 11:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive [2010-08-02 11:41:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2010-08-02 11:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2010-08-02 11:39:37 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT [2010-08-02 11:39:10 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Power2Go [2010-08-02 11:39:05 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\VirtualStore [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Ustawienia lokalne [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\AppData\Local\Temporary Internet Files [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- 
C:\Users\Lecho\Szablony [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\SendTo [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Recent [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\PrintHood [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\NetHood [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Documents\Moje wideo [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Documents\Moje obrazy [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Moje dokumenty [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Documents\Moja muzyka [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Menu Start [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\AppData\Local\Historia [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Dane aplikacji [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\AppData\Local\Dane aplikacji [2010-08-02 11:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Lecho\Cookies [2010-08-02 11:38:51 | 000,000,000 | --SD | C] -- C:\Users\Lecho\AppData\Roaming\Microsoft [2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Videos [2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Saved Games [2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Pictures [2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Music [2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Links [2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Favorites [2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Downloads [2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Documents [2010-08-02 11:38:51 | 000,000,000 | R--D | C] -- C:\Users\Lecho\Desktop [2010-08-02 11:38:51 | 000,000,000 | -H-D | C] -- C:\Users\Lecho\AppData [2010-08-02 11:38:51 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Temp [2010-08-02 11:38:51 
| 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Local\Microsoft [2010-08-02 11:38:51 | 000,000,000 | ---D | C] -- C:\Users\Lecho\AppData\Roaming\Media Center Programs [2008-08-12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-30 22:11:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-08-30 22:07:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Lecho\Desktop\OTL.exe [2010-08-30 22:04:36 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-08-30 22:03:58 | 001,572,864 | -HS- | M] () -- C:\Users\Lecho\NTUSER.DAT [2010-08-30 22:03:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-08-30 22:03:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-08-30 22:03:29 | 3054,882,816 | -HS- | M] () -- C:\hiberfil.sys [2010-08-29 16:44:56 | 007,836,135 | -H-- | M] () -- C:\Users\Lecho\AppData\Local\IconCache.db [2010-08-28 13:14:45 | 000,020,941 | ---- | M] () -- C:\Users\Lecho\Desktop\blad.jpg [2010-08-25 17:53:41 | 000,000,747 | ---- | M] () -- C:\Users\Lecho\Desktop\Call of Duty Modern Warfare 2 PL SP.lnk [2010-08-25 17:53:41 | 000,000,747 | ---- | M] () -- C:\Users\Lecho\Desktop\Call of Duty Modern Warfare 2 PL MP.lnk [2010-08-22 23:46:15 | 000,108,352 | ---- | M] () -- C:\Users\Lecho\AppData\Local\GDIPFONTCACHEV1.DAT [2010-08-22 23:40:55 | 000,001,383 | ---- | M] () -- C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2010-08-22 23:40:07 | 000,001,568 | ---- | M] () -- C:\Users\Lecho\Desktop\Adobe Photoshop CS2.lnk [2010-08-20 12:02:25 | 000,000,831 | ---- | M] () -- C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 10.lnk [2010-08-09 16:42:05 | 000,000,412 | ---- | M] () -- C:\Windows\ODBC.INI [2010-08-09 16:17:34 | 000,000,387 | ---- | M] () 
-- C:\Windows\win.ini [2010-08-03 16:48:41 | 000,000,588 | ---- | M] () -- C:\Users\Lecho\Desktop\JDownloader.lnk [2010-08-03 16:17:08 | 000,000,669 | ---- | M] () -- C:\Users\Lecho\Desktop\Gadu-Gadu.lnk [2010-08-03 16:09:08 | 000,002,477 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010-08-03 10:27:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2010-08-03 10:22:34 | 000,000,575 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk [2010-08-03 10:20:27 | 046,276,984 | ---- | M] () -- C:\Users\Lecho\AppData\Local\Avast_PRO_PL.exe [2010-08-03 10:20:22 | 000,159,744 | ---- | M] () -- C:\Users\Lecho\AppData\Local\ac.exe [2010-08-03 09:57:02 | 502,173,377 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010-08-03 02:35:10 | 000,064,519 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2010-08-02 20:49:47 | 000,000,634 | ---- | M] () -- C:\Users\Lecho\Desktop\ALLPlayer V4.4.lnk [2010-08-02 20:22:13 | 000,000,252 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2010-08-02 16:51:44 | 000,002,432 | ---- | M] () -- C:\Users\Lecho\AppData\Local\TempbU1528.html [2010-08-02 16:51:44 | 000,002,089 | ---- | M] () -- C:\Users\Lecho\AppData\Local\Temppt1528.html [2010-08-02 16:47:47 | 000,000,482 | ---- | M] () -- C:\Users\Lecho\Desktop\DATA (D).lnk [2010-08-02 16:47:35 | 000,000,494 | ---- | M] () -- C:\Users\Lecho\Desktop\OS (C).lnk [2010-08-02 16:40:07 | 000,000,528 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk [2010-08-02 14:00:04 | 000,000,542 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010-08-02 13:43:21 | 000,524,288 | -HS- | M] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010-08-02 13:43:21 | 000,524,288 | -HS- | M] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010-08-02 13:43:21 | 000,065,536 | -HS- | M] () -- 
C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010-08-02 12:03:19 | 000,000,640 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010-08-02 11:38:52 | 000,000,020 | -HS- | M] () -- C:\Users\Lecho\ntuser.ini [2010-07-30 06:22:35 | 000,000,048 | ---- | M] () -- C:\597.ini [2010-07-28 11:54:07 | 000,440,832 | ---- | M] ( ) -- C:\38856.exe [2010-07-10 00:38:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-28 13:14:45 | 000,020,941 | ---- | C] () -- C:\Users\Lecho\Desktop\blad.jpg [2010-08-25 17:53:41 | 000,000,747 | ---- | C] () -- C:\Users\Lecho\Desktop\Call of Duty Modern Warfare 2 PL SP.lnk [2010-08-25 17:53:41 | 000,000,747 | ---- | C] () -- C:\Users\Lecho\Desktop\Call of Duty Modern Warfare 2 PL MP.lnk [2010-08-22 23:42:10 | 000,001,568 | ---- | C] () -- C:\Users\Lecho\Desktop\Adobe Photoshop CS2.lnk [2010-08-22 23:40:55 | 000,001,383 | ---- | C] () -- C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2010-08-21 12:47:47 | 007,494,337 | ---- | C] () -- C:\Users\Lecho\Desktop\FIFA10.exe [2010-08-20 12:02:25 | 000,000,831 | ---- | C] () -- C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja FIFA 10.lnk [2010-08-09 16:42:05 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2010-08-03 21:18:26 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-08-03 16:48:41 | 000,000,588 | ---- | C] () -- C:\Users\Lecho\Desktop\JDownloader.lnk [2010-08-03 16:17:08 | 000,000,669 | ---- | C] () -- C:\Users\Lecho\Desktop\Gadu-Gadu.lnk [2010-08-03 16:09:08 | 000,002,477 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010-08-03 10:22:34 | 000,000,575 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Pro Antivirus.lnk [2010-08-03 10:22:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2010-08-03 10:17:58 | 046,276,984 | ---- | C] () -- C:\Users\Lecho\AppData\Local\Avast_PRO_PL.exe [2010-08-03 10:17:58 | 000,159,744 | ---- | C] () -- C:\Users\Lecho\AppData\Local\ac.exe [2010-08-03 02:32:23 | 3054,882,816 | -HS- | C] () -- C:\hiberfil.sys [2010-08-02 20:49:47 | 000,000,634 | ---- | C] () -- C:\Users\Lecho\Desktop\ALLPlayer V4.4.lnk [2010-08-02 20:49:41 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010-08-02 20:49:41 | 000,797,184 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax [2010-08-02 20:49:41 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2010-08-02 20:31:11 | 000,561,152 | ---- | C] () -- C:\Users\Lecho\Desktop\Ventrilo.exe [2010-08-02 20:22:19 | 000,000,048 | ---- | C] () -- C:\597.ini [2010-08-02 20:22:10 | 000,000,252 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2010-08-02 17:00:38 | 502,173,377 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010-08-02 16:51:44 | 000,002,432 | ---- | C] () -- C:\Users\Lecho\AppData\Local\TempbU1528.html [2010-08-02 16:51:44 | 000,002,089 | ---- | C] () -- C:\Users\Lecho\AppData\Local\Temppt1528.html [2010-08-02 16:47:24 | 000,000,494 | ---- | C] () -- C:\Users\Lecho\Desktop\OS (C).lnk [2010-08-02 16:47:24 | 000,000,482 | ---- | C] () -- C:\Users\Lecho\Desktop\DATA (D).lnk [2010-08-02 16:40:07 | 000,000,528 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk [2010-08-02 13:53:20 | 000,000,542 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010-08-02 12:03:19 | 000,000,640 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010-08-02 11:38:52 | 000,524,288 | -HS- | C] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010-08-02 11:38:52 | 000,524,288 | -HS- | C] () -- 
C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010-08-02 11:38:52 | 000,262,144 | -HS- | C] () -- C:\Users\Lecho\ntuser.dat.LOG1 [2010-08-02 11:38:52 | 000,065,536 | -HS- | C] () -- C:\Users\Lecho\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010-08-02 11:38:52 | 000,000,020 | -HS- | C] () -- C:\Users\Lecho\ntuser.ini [2010-08-02 11:38:52 | 000,000,000 | -HS- | C] () -- C:\Users\Lecho\ntuser.dat.LOG2 [2010-08-02 11:38:51 | 001,572,864 | -HS- | C] () -- C:\Users\Lecho\NTUSER.DAT [2010-04-11 18:45:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll [2010-04-11 18:21:14 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010-04-11 18:02:23 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2010-04-11 18:02:01 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2010-01-08 05:19:07 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010-01-08 05:19:07 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2009-08-19 10:33:09 | 000,000,232 | ---- | C] () -- C:\Windows\OOBEPlayer.ini [2009-07-29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | 
C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2009-04-08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll [2008-05-22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg [2007-06-12 18:34:50 | 000,035,822 | ---- | C] () -- C:\Program Files (x86)\Common Files\ASPG_icon.ico [2006-05-19 05:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [1997-06-14 02:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll [color=#E56717]========== LOP Check ==========[/color] [2010-08-02 11:58:16 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\Asus WebStorage [2010-08-20 11:49:52 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\DAEMON Tools Lite [2010-08-03 16:19:04 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu [2010-08-02 16:51:44 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu 10 [2010-08-02 14:48:19 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\GoBoingo [2010-08-20 12:02:15 | 000,000,000 | ---D | M] -- C:\Users\Lecho\AppData\Roaming\Leadertech [2009-07-14 07:08:49 | 000,028,730 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-07-28 11:54:07 | 000,440,832 | ---- | M] ( ) -- C:\38856.exe [2010-07-30 06:22:35 | 000,000,048 | ---- | M] () -- C:\597.ini [2009-06-15 13:11:59 | 000,000,054 | ---- | M] () -- C:\AdobeReader.log [2009-07-14 03:38:58 | 000,383,562 | 
RHS- | M] () -- C:\bootmgr [2009-07-29 08:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2010-04-11 18:59:08 | 000,014,525 | ---- | M] () -- C:\devlist.txt [2010-04-11 18:59:07 | 000,000,009 | ---- | M] () -- C:\Finish.log [2010-08-30 22:03:29 | 3054,882,816 | -HS- | M] () -- C:\hiberfil.sys [2010-04-11 18:35:00 | 003,357,381 | ---- | M] () -- C:\inject.log.txt [2010-03-16 13:11:15 | 002,097,152 | -H-- | M] () -- C:\K52Jc.BIN [2010-03-22 10:15:58 | 000,000,018 | ---- | M] () -- C:\K52JC_WIN7.10 [2009-06-12 03:32:00 | 000,000,057 | ---- | M] () -- C:\OFFICE2007_M.TXT [2010-08-30 22:03:32 | 4073,177,088 | -HS- | M] () -- C:\pagefile.sys [2010-04-11 06:11:13 | 000,000,146 | ---- | M] () -- C:\Pass.txt [2010-02-24 03:41:55 | 000,000,512 | ---- | M] () -- C:\Patch_Win7.log [2010-03-22 10:15:58 | 000,000,007 | ---- | M] () -- C:\RECOVERY.DAT [2010-04-11 18:45:22 | 000,000,090 | ---- | M] () -- C:\setup.log [2006-05-14 10:22:24 | 000,000,005 | ---- | M] () -- C:\store.log [2010-04-11 17:50:46 | 000,000,170 | ---- | M] () -- C:\SumHidd.txt [2010-04-11 17:49:33 | 000,000,098 | ---- | M] () -- C:\SumOS.txt [2009-09-16 20:04:46 | 000,000,024 | ---- | M] () -- C:\v82.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) 
MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2010-04-11 18:34:36 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2010-04-11 18:34:36 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 121 bytes -> 
C:\ProgramData\Temp:AB689DEA < End of report > [/log] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Lecho at 2010-08-30 22:18:23 Microsoft Windows 7 Home Premium System drive C: has 90 GB (75%) free of 119 GB Total RAM: 3884 MB (59% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:18:30, on 2010-08-30 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe D:\Winamp\winampa.exe D:\Avast!\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe D:\Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe D:\Mozilla Firefox\firefox.exe C:\Users\Lecho\Desktop\OTL.exe C:\Users\Lecho\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\Lecho.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll O2 - BHO: Pomocnik rejestrowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\java\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: &Windows 
Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe O4 - HKLM\..\Run: [avast5] "D:\Avast!\avastUI.exe" /nogui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [ALLUpdate] "D:\ALLPlayerPL\ALLPlayer\ALLUpdate.exe" "sleep" O4 - HKCU\..\Run: [EA Core] "D:\FIFA 2010\EADM\Core.exe" -silent O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe winrbe32.rom,POaczpu O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - 
HKUS\S-1-5-21-2056769762-963543537-2351675136-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2056769762-963543537-2351675136-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Rejestracja FIFA 10.lnk = D:\FIFA 2010\Support\EAregister.exe O4 - Global Startup: FancyStart daemon.lnk = ? O4 - Global Startup: SRS Premium Sound.lnk = ? O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. 
- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: avast! Antivirus - AVAST Software - D:\Avast!\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - D:\Avast!\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - D:\Avast!\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. 
- D:\Hamachi\hamachi-2.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application 
User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11922 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}] Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2010-04-11 
433648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestrowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-11 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-11 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-11 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - D:\java\bin\jp2ssv.dll [2010-08-03 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-11 256112] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352] {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools 
Toolbar\DTToolbar.dll [2010-03-25 968000] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] "UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504] "ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-08-02 2429] "WinampAgent"=D:\Winamp\winampa.exe [2010-07-12 74752] "avast5"=D:\Avast!\avastUI.exe [2010-06-28 2837864] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "LogMeIn Hamachi Ui"=D:\Hamachi\hamachi-2-ui.exe [2010-03-30 1820040] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ALLUpdate"=D:\ALLPlayerPL\ALLPlayer\ALLUpdate.exe [2010-03-24 1432064] "EA Core"=D:\FIFA 2010\EADM\Core.exe -silent [] "MSSMSGS"=winrbe32.rom,POaczpu [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe C:\Users\Lecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Rejestracja FIFA 10.lnk - D:\FIFA 2010\Support\EAregister.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - 
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-08-30 22:18:23 ----D---- C:\rsit 2010-08-30 22:18:23 ----D---- C:\Program Files (x86)\trend micro 2010-08-28 14:05:15 ----D---- C:\Program Files (x86)\Lavalys 2010-08-25 17:38:42 ----D---- C:\Windows\Call of Duty Modern Warfare 2 PL 2010-08-25 10:41:51 ----A---- C:\Windows\SysWOW64\oleaut32.dll 2010-08-22 23:40:34 ----D---- C:\Program Files (x86)\Common Files\Adobe Systems Shared 2010-08-22 16:24:09 ----D---- C:\ProgramData\NVIDIA Corporation 2010-08-22 16:06:56 ----A---- C:\Windows\SysWOW64\OpenCL.dll 2010-08-22 16:06:56 ----A---- C:\Windows\SysWOW64\nvwgf2um.dll 2010-08-22 16:06:56 ----A---- C:\Windows\SysWOW64\nvumdshim.dll 2010-08-22 16:06:54 ----A---- C:\Windows\SysWOW64\nvoglv32.dll 2010-08-22 16:06:54 ----A---- C:\Windows\SysWOW64\nvdecodemft.dll 2010-08-22 16:06:51 
----A---- C:\Windows\SysWOW64\nvd3dum.dll 2010-08-22 16:06:51 ----A---- C:\Windows\SysWOW64\nvcuvid.dll 2010-08-22 16:06:49 ----A---- C:\Windows\SysWOW64\nvcuvenc.dll 2010-08-22 16:06:49 ----A---- C:\Windows\SysWOW64\nvcuda.dll 2010-08-22 16:06:49 ----A---- C:\Windows\SysWOW64\nvcompiler.dll 2010-08-22 16:06:46 ----A---- C:\Windows\SysWOW64\nvapi.dll 2010-08-22 16:06:38 ----D---- C:\NVIDIA 2010-08-22 10:28:47 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll 2010-08-22 10:28:47 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll 2010-08-22 10:28:47 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll 2010-08-22 10:28:45 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll 2010-08-22 10:28:45 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll 2010-08-22 10:28:45 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll 2010-08-22 10:28:44 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll 2010-08-22 10:28:44 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll 2010-08-22 10:28:44 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll 2010-08-22 10:28:44 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll 2010-08-22 10:28:43 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll 2010-08-22 10:28:43 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll 2010-08-22 10:28:43 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll 2010-08-22 10:28:43 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll 2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll 2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll 2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll 2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll 2010-08-22 10:28:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll 2010-08-22 10:28:41 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll 2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll 2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll 2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll 2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll 2010-08-22 10:28:40 ----A---- 
C:\Windows\SysWOW64\d3dx10_38.dll 2010-08-22 10:28:40 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll 2010-08-22 10:28:39 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll 2010-08-22 10:28:39 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll 2010-08-22 10:28:39 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll 2010-08-22 10:28:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll 2010-08-22 10:28:38 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll 2010-08-22 10:28:38 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll 2010-08-22 10:28:36 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll 2010-08-22 10:28:36 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll 2010-08-22 10:28:35 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll 2010-08-22 10:28:35 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll 2010-08-22 10:28:34 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll 2010-08-22 10:28:34 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll 2010-08-22 10:28:34 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll 2010-08-22 10:28:33 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll 2010-08-22 10:28:33 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll 2010-08-22 10:28:33 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll 2010-08-22 10:28:33 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll 2010-08-22 10:28:32 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll 2010-08-22 10:28:31 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll 2010-08-22 10:28:31 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll 2010-08-22 10:28:30 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll 2010-08-22 10:28:30 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll 2010-08-22 10:28:30 ----A---- C:\Windows\SysWOW64\d3dx10.dll 2010-08-22 10:28:29 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll 2010-08-22 10:28:29 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll 2010-08-22 10:28:28 ----A---- C:\Windows\SysWOW64\xinput1_2.dll 2010-08-22 10:28:28 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll 2010-08-22 10:28:27 ----A---- C:\Windows\SysWOW64\xinput1_1.dll 2010-08-22 10:28:27 ----A---- 
C:\Windows\SysWOW64\xactengine2_2.dll 2010-08-22 10:28:26 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll 2010-08-22 10:28:19 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll 2010-08-22 10:28:19 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll 2010-08-22 10:22:57 ----D---- C:\Windows\SysWOW64\AGEIA 2010-08-22 10:22:57 ----D---- C:\Program Files (x86)\AGEIA Technologies 2010-08-20 13:31:03 ----D---- C:\ProgramData\Electronic Arts 2010-08-20 12:02:15 ----D---- C:\Users\Lecho\AppData\Roaming\Leadertech 2010-08-20 11:55:09 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll 2010-08-20 11:55:08 ----A---- C:\Windows\SysWOW64\xinput1_3.dll 2010-08-20 11:55:08 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll 2010-08-20 11:55:08 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll 2010-08-20 11:55:08 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll 2010-08-20 11:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll 2010-08-20 11:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll 2010-08-20 11:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll 2010-08-20 11:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll 2010-08-20 11:55:02 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll 2010-08-20 11:55:02 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll 2010-08-20 11:55:02 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll 2010-08-20 11:35:10 ----D---- C:\ProgramData\DAEMON Tools Lite 2010-08-20 11:34:49 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar 2010-08-20 11:30:44 ----D---- C:\Users\Lecho\AppData\Roaming\DAEMON Tools Lite 2010-08-12 19:04:46 ----A---- C:\Windows\SysWOW64\schannel.dll 2010-08-12 18:58:24 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 2010-08-12 18:58:24 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe 2010-08-12 18:58:14 ----A---- C:\Windows\SysWOW64\mshtml.dll 2010-08-12 18:58:12 ----A---- C:\Windows\SysWOW64\ieframe.dll 2010-08-12 18:58:10 ----A---- C:\Windows\SysWOW64\wininet.dll 2010-08-12 18:58:10 ----A---- C:\Windows\SysWOW64\urlmon.dll 2010-08-12 18:58:10 ----A---- C:\Windows\SysWOW64\iepeers.dll 2010-08-12 18:58:10 
----A---- C:\Windows\SysWOW64\iedkcs32.dll 2010-08-12 18:58:09 ----A---- C:\Windows\SysWOW64\mstime.dll 2010-08-12 18:58:08 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2010-08-12 18:58:08 ----A---- C:\Windows\SysWOW64\ieui.dll 2010-08-12 18:58:07 ----A---- C:\Windows\SysWOW64\msfeedssync.exe 2010-08-12 18:58:07 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2010-08-12 18:58:00 ----A---- C:\Windows\SysWOW64\rtutils.dll 2010-08-12 18:57:58 ----A---- C:\Windows\SysWOW64\iccvid.dll 2010-08-12 18:11:24 ----A---- C:\Windows\SysWOW64\msxml3.dll 2010-08-09 16:42:05 ----A---- C:\Windows\ODBC.INI 2010-08-09 16:41:28 ----D---- C:\Program Files (x86)\Common Files\DESIGNER 2010-08-09 16:41:23 ----D---- C:\Windows\PCHEALTH 2010-08-09 16:41:23 ----D---- C:\Program Files (x86)\Microsoft.NET 2010-08-09 15:27:45 ----D---- C:\ProgramData\Conexant 2010-08-04 13:29:01 ----D---- C:\Users\Lecho\AppData\Roaming\Media Player Classic 2010-08-03 21:18:26 ----A---- C:\Windows\SysWOW64\unrar.dll 2010-08-03 16:38:57 ----D---- C:\ProgramData\Sun 2010-08-03 16:38:56 ----D---- C:\Program Files (x86)\Common Files\Java 2010-08-03 16:38:43 ----A---- C:\Windows\SysWOW64\javaws.exe 2010-08-03 16:38:43 ----A---- C:\Windows\SysWOW64\javaw.exe 2010-08-03 16:38:43 ----A---- C:\Windows\SysWOW64\java.exe 2010-08-03 16:38:43 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2010-08-03 16:19:04 ----D---- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu 2010-08-03 16:09:11 ----D---- C:\Users\Lecho\AppData\Roaming\Skype 2010-08-03 16:08:57 ----D---- C:\ProgramData\Skype 2010-08-03 14:45:15 ----A---- C:\Windows\SysWOW64\shell32.dll 2010-08-03 10:22:01 ----A---- C:\Windows\SysWOW64\aswBoot.exe 2010-08-03 10:21:59 ----D---- C:\ProgramData\Alwil Software 2010-08-03 02:32:31 ----ASH---- C:\pagefile.sys 2010-08-03 02:32:23 ----ASH---- C:\hiberfil.sys 2010-08-02 20:49:41 ----D---- C:\ProgramData\ALLPlayer 2010-08-02 20:49:41 ----A---- C:\Windows\SysWOW64\xvidcore.dll 2010-08-02 20:49:41 ----A---- C:\Windows\SysWOW64\libFLAC.dll 
2010-08-02 20:22:19 ----A---- C:\597.ini 2010-08-02 20:22:19 ----A---- C:\38856.exe 2010-08-02 20:22:10 ----A---- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini 2010-08-02 20:21:29 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2010-08-02 20:15:37 ----D---- C:\Users\Lecho\AppData\Roaming\Ventrilo 2010-08-02 17:43:58 ----D---- C:\Windows\SysWOW64\Wat 2010-08-02 17:00:52 ----D---- C:\Windows\Minidump 2010-08-02 16:50:08 ----D---- C:\Users\Lecho\AppData\Roaming\Gadu-Gadu 10 2010-08-02 16:50:05 ----D---- C:\ProgramData\Gadu-Gadu 10 2010-08-02 16:40:06 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll 2010-08-02 16:40:04 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll 2010-08-02 16:38:57 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine 2010-08-02 16:38:54 ----D---- C:\Users\Lecho\AppData\Roaming\Winamp 2010-08-02 15:35:05 ----D---- C:\Users\Lecho\AppData\Roaming\WinRAR 2010-08-02 14:48:19 ----D---- C:\Users\Lecho\AppData\Roaming\GoBoingo 2010-08-02 14:47:02 ----D---- C:\Program Files (x86)\Boingo 2010-08-02 14:47:01 ----D---- C:\ProgramData\GoBoingo 2010-08-02 14:05:04 ----D---- C:\ProgramData\ASUS 2010-08-02 13:53:21 ----D---- C:\Program Files (x86)\Common Files\Steam 2010-08-02 13:47:22 ----D---- C:\Users\Lecho\AppData\Roaming\Macromedia 2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll 2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\PresentationHost.exe 2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\netfxperf.dll 2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\mscoree.dll 2010-08-02 13:36:03 ----A---- C:\Windows\SysWOW64\dfshim.dll 2010-08-02 13:33:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-08-02 12:26:11 ----A---- C:\Windows\SysWOW64\sspicli.dll 2010-08-02 12:26:11 ----A---- C:\Windows\SysWOW64\secur32.dll 2010-08-02 12:23:13 ----A---- C:\Windows\SysWOW64\CPFilters.dll 2010-08-02 12:23:12 ----A---- C:\Windows\SysWOW64\psisdecd.dll 2010-08-02 12:14:39 ----A---- 
C:\Windows\SysWOW64\ntdll.dll 2010-08-02 12:14:38 ----A---- C:\Windows\SysWOW64\inetcomm.dll 2010-08-02 12:14:37 ----A---- C:\Windows\SysWOW64\atmlib.dll 2010-08-02 12:14:37 ----A---- C:\Windows\SysWOW64\atmfd.dll 2010-08-02 12:14:36 ----A---- C:\Windows\SysWOW64\setup16.exe 2010-08-02 12:14:36 ----A---- C:\Windows\SysWOW64\jscript.dll 2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\wow32.dll 2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\vbscript.dll 2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\user.exe 2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\ntvdm64.dll 2010-08-02 12:14:35 ----A---- C:\Windows\SysWOW64\instnm.exe 2010-08-02 12:14:32 ----A---- C:\Windows\SysWOW64\asycfilt.dll 2010-08-02 12:14:25 ----A---- C:\Windows\SysWOW64\tzres.dll 2010-08-02 12:03:28 ----D---- C:\Users\Lecho\AppData\Roaming\Mozilla 2010-08-02 12:02:30 ----A---- C:\Windows\SysWOW64\cabview.dll 2010-08-02 12:02:29 ----A---- C:\Windows\SysWOW64\wintrust.dll 2010-08-02 11:55:10 ----D---- C:\Users\Lecho\AppData\Roaming\Adobe 2010-08-02 11:49:43 ----D---- C:\Users\Lecho\AppData\Roaming\Asus WebStorage 2010-08-02 11:48:59 ----D---- C:\Users\Lecho\AppData\Roaming\Identities 2010-08-02 11:43:37 ----D---- C:\Program Files (x86)\Microsoft Sync Framework 2010-08-02 11:43:01 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll 2010-08-02 11:42:18 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2010-08-02 11:41:29 ----D---- C:\Program Files (x86)\Microsoft 2010-08-02 11:41:14 ----D---- C:\Program Files (x86)\Windows Live SkyDrive 2010-08-02 11:41:08 ----D---- C:\Program Files (x86)\Windows Live 2010-08-02 11:40:00 ----D---- C:\Program Files (x86)\Common Files\Windows Live 2010-08-02 11:39:37 ----HD---- C:\ASUS.DAT 2010-08-02 11:38:51 ----SD---- C:\Users\Lecho\AppData\Roaming\Microsoft 2010-08-02 11:38:51 ----D---- C:\Users\Lecho\AppData\Roaming\Media Center Programs ======List of files/folders modified in the last 1 months====== 2010-08-30 22:18:27 ----D---- C:\Windows\Temp 
2010-08-30 22:18:23 ----RD---- C:\Program Files (x86) 2010-08-30 22:03:45 ----A---- C:\Windows\SysWOW64\log.txt 2010-08-29 20:18:01 ----D---- C:\Windows\Prefetch 2010-08-27 11:18:16 ----SHD---- C:\System Volume Information 2010-08-25 22:45:12 ----D---- C:\Windows\winsxs 2010-08-25 22:44:43 ----D---- C:\Windows\SysWOW64 2010-08-25 22:44:43 ----D---- C:\Windows\System32 2010-08-25 20:11:56 ----D---- C:\Windows\AppPatch 2010-08-25 17:38:42 ----D---- C:\Windows 2010-08-22 23:41:33 ----SHD---- C:\Windows\Installer 2010-08-22 23:41:30 ----D---- C:\Program Files (x86)\Adobe 2010-08-22 23:40:54 ----D---- C:\Program Files (x86)\Common Files\Adobe 2010-08-22 23:40:34 ----D---- C:\Program Files (x86)\Common Files 2010-08-22 23:39:48 ----D---- C:\ProgramData\Adobe 2010-08-22 19:52:00 ----D---- C:\Windows\SysWOW64\NV 2010-08-22 16:26:01 ----D---- C:\ProgramData\NVIDIA 2010-08-22 16:24:09 ----HD---- C:\ProgramData 2010-08-22 16:24:02 ----RD---- C:\Program Files 2010-08-22 16:24:02 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2010-08-22 16:24:00 ----D---- C:\Windows\inf 2010-08-22 10:28:26 ----RSD---- C:\Windows\assembly 2010-08-20 15:04:00 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR 2010-08-20 11:55:04 ----D---- C:\Windows\Microsoft.NET 2010-08-20 11:34:56 ----D---- C:\Program Files (x86)\Internet Explorer 2010-08-13 13:35:38 ----SD---- C:\ProgramData\Microsoft 2010-08-12 22:37:02 ----D---- C:\Windows\SysWOW64\migration 2010-08-12 21:20:05 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2010-08-09 16:41:30 ----RSD---- C:\Windows\Fonts 2010-08-09 16:41:29 ----D---- C:\Windows\ShellNew 2010-08-09 16:40:15 ----D---- C:\Windows\system 2010-08-09 16:33:53 ----D---- C:\Program Files (x86)\ASUS 2010-08-09 16:21:57 ----D---- C:\ProgramData\Microsoft Help 2010-08-09 16:21:52 ----D---- C:\Program Files (x86)\Microsoft Office 2010-08-09 16:20:06 ----D---- C:\Program Files (x86)\Common Files\System 2010-08-09 16:17:34 ----A---- C:\Windows\win.ini 2010-08-04 
12:51:08 ----D---- C:\Windows\rescache 2010-08-04 02:27:49 ----D---- C:\Program Files (x86)\Windows Sidebar 2010-08-04 02:27:49 ----D---- C:\Program Files (x86)\Windows Media Player 2010-08-04 02:27:49 ----D---- C:\Program Files (x86)\Windows Mail 2010-08-04 02:27:48 ----D---- C:\Program Files (x86)\Windows Photo Viewer 2010-08-04 02:27:48 ----D---- C:\Program Files (x86)\Windows Defender 2010-08-04 02:27:47 ----D---- C:\Windows\servicing 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\XPSViewer 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\winrm 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\WCN 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\wbem 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\slmgr 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\Printing_Admin_Scripts 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\MUI 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\migwiz 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\DriverStore 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\drivers 2010-08-04 02:27:46 ----D---- C:\Windows\SysWOW64\Dism 2010-08-04 02:27:46 ----D---- C:\Windows\ehome 2010-08-04 02:27:45 ----D---- C:\Windows\SysWOW64\hu-HU 2010-08-04 02:27:40 ----D---- C:\Windows\SysWOW64\com 2010-08-04 02:27:40 ----D---- C:\Windows\PolicyDefinitions 2010-08-04 02:27:40 ----D---- C:\Windows\IME 2010-08-04 02:27:15 ----D---- C:\Windows\SysWOW64\en-US 2010-08-04 02:27:15 ----D---- C:\Windows\SysWOW64\en 2010-08-04 02:27:15 ----D---- C:\Windows\SysWOW64\drivers\en-US 2010-08-04 02:27:10 ----D---- C:\Windows\SysWOW64\sl-SI 2010-08-04 02:27:07 ----D---- C:\Windows\en-US 2010-08-04 02:26:41 ----D---- C:\Windows\SysWOW64\sk-SK 2010-08-04 02:26:25 ----D---- C:\Windows\SysWOW64\sr-Latn-CS 2010-08-03 18:31:08 ----D---- C:\Windows\SysWOW64\ro-RO 2010-08-03 18:30:01 ----D---- C:\Windows\SysWOW64\lv-LV 2010-08-03 18:28:52 ----D---- C:\Windows\SysWOW64\lt-LT 2010-08-03 18:27:38 ----D---- C:\Windows\SysWOW64\et-EE 2010-08-03 18:26:20 ----D---- 
C:\Windows\SysWOW64\cs-CZ 2010-08-03 18:24:30 ----D---- C:\Windows\SysWOW64\hr-HR 2010-08-03 18:22:59 ----D---- C:\Windows\SysWOW64\bg-BG 2010-08-03 18:20:10 ----D---- C:\Windows\Speech 2010-08-02 16:39:32 ----D---- C:\Windows\Logs 2010-08-02 14:13:58 ----AD---- C:\ProgramData\Temp 2010-08-02 13:43:25 ----D---- C:\Windows\SysWOW64\pl-PL 2010-08-02 13:38:53 ----D---- C:\Windows\debug 2010-08-02 13:30:33 ----D---- C:\Windows\SoftwareDistribution 2010-08-02 11:48:55 ----SHD---- C:\$Recycle.Bin 2010-08-02 11:38:51 ----RD---- C:\Users 2010-08-02 11:37:00 ----SHD---- C:\Recovery ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AsDsm;AsDsm; C:\Windows\SysWOW64\drivers\AsDsm.sys [] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! 
Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [] R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [] R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [] R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 
84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896] R2 avast! Antivirus;avast! Antivirus; D:\Avast!\AvastSvc.exe [2010-06-28 40384] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Hamachi\hamachi-2.exe [2010-03-30 1823112] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-07-09 1620584] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640] R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280] R3 avast! Mail Scanner;avast! Mail Scanner; D:\Avast!\AvastSvc.exe [2010-06-28 40384] R3 avast! Web Scanner;avast! 
Web Scanner; D:\Avast!\AvastSvc.exe [2010-06-28 40384] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-11 135664] S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-08-22 72704] S3 fsssvc;Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-11 182768] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2010-04-11 332272] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-08-24 407336] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] -----------------EOF----------------- [/log]
Tomek01 commented 30 August 2010
Uninstall DAEMON Tools Toolbar. In OTL, paste the following into the Custom scan/fixes box:
[code]
:Processes
Explorer.exe
:OTL
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2056769762-963543537-2351675136-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()C:\Program Files (x86)\DAEMON Tools Toolbar
O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe winrbe32.rom,POaczpu
:Files
C:\Users\Lecho\AppData\Local\ac.exe
C:\Users\Lecho\AppData\Local\TempbU1528.html
C:\Users\Lecho\AppData\Local\Temppt1528.html
C:\38856.exe
C:\597.ini
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSSMSGS"=-
Services: MSSMSGS
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]
Click Run Fix; the computer will restart.
Paste into [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]System Look[/b][/url]:
[code]
Filefind: winrbe32.rom
[/code]
Press Look and show what comes up. Post the removal log and new OTL and RSIT logs.