
Constantly high CPU usage! :(

tequs1
posted (edited)

Hello! I'm new to the forum and a bit "green" in this area. I've had a problem for some time now, namely with processes that put a very heavy load on the CPU. The CPU is loaded above 75% all the time when I have no game running, only programs such as Steam or GG. I installed Windows updates, scanned the whole computer with various antivirus programs, etc. However, I don't see any improvement. I was at a friend's place; his computer has a similar configuration and the same Windows, and his CPU is loaded at only 5%-10%. I think something is wrong and I'm asking for help; thanks in advance.
Screenshot; it has dropped a bit now, but 60% is still a lot :(
[URL=http://img121.imageshack.us/i/omgyr.png/][IMG]http://img121.imageshack.us/img121/3879/omgyr.th.png[/IMG][/URL]

OTL log

[log]OTL logfile created on: 2010-12-20 16:58:41 - Run 1
OTL by OldTimer - Version 3.2.17.4 Folder = C:\Users\teq\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,60 Gb Total Space | 13,89 Gb Free Space | 23,70% Space Free | Partition Type: NTFS
Drive D: | 119,36 Gb Total Space | 90,37 Gb Free Space | 75,72% Space Free | Partition Type: NTFS
Drive E: | 120,13 Gb Total Space | 97,78 Gb Free Space | 81,39% Space Free | Partition Type: NTFS

Computer Name: TEQ-PC | User Name: teq | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-12-20 16:55:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\teq\Downloads\OTL.exe
PRC - [2010-12-16 06:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- D:\Program Files (x86)\Gadu-Gadu 10\gg.exe
PRC - [2010-12-10 18:44:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010-12-10 18:44:07 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-11-30 17:26:12 | 000,749,384 | ---- | M] (AVG) -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
PRC - [2010-11-17 15:08:49 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010-11-17 14:07:37 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Gry\Steam\steam.exe
PRC - [2010-11-10 19:08:04 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
PRC - [2010-11-10 19:08:02 | 006,127,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010-10-22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2010-10-22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-12-20 16:55:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\teq\Downloads\OTL.exe
MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2010-06-29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-12-11 08:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-12-11 08:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 02:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 02:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-09-29 02:51:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010-11-17 15:08:49 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-11-10 19:08:02 | 006,127,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010-10-22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-12-06 10:17:24 | 000,169,656 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:[b]64bit:[/b] - [2010-11-26 10:11:08 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:[b]64bit:[/b] - [2010-11-14 16:09:44 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-11-09 22:20:56 | 000,382,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2010-09-29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2010-09-29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-09-29 02:14:48 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010-09-13 15:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:[b]64bit:[/b] - [2010-09-07 03:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2010-09-07 03:48:52 | 000,305,232 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2010-09-07 03:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2010-08-19 20:42:38 | 000,157,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2010-08-19 20:42:38 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:[b]64bit:[/b] - [2010-08-16 11:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2010-07-09 13:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:[b]64bit:[/b] - [2010-03-22 10:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-01-25 06:09:36 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:[b]64bit:[/b] - [2010-01-25 06:09:34 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:[b]64bit:[/b] - [2010-01-25 06:09:24 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:[b]64bit:[/b] - [2010-01-25 06:09:22 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:48 | 000,378,368 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-04 17:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2009-04-03 06:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2008-06-18 04:20:32 | 000,181,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV - [2010-11-15 15:01:19 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1797179490-3010039804-1124486631-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKU\S-1-5-21-1797179490-3010039804-1124486631-1001\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-1797179490-3010039804-1124486631-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://google.pl"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1167

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010-12-19 20:38:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-10 18:44:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-12-10 19:52:53 | 000,000,000 | ---D | M]

[2010-11-14 14:09:31 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\mozilla\Extensions
[2010-12-19 20:39:27 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\mozilla\Firefox\Profiles\uuyclrp4.default\extensions
[2010-11-14 16:10:03 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\mozilla\Firefox\Profiles\uuyclrp4.default\extensions\DTToolbar@toolbarnet.com
[2010-11-15 20:33:42 | 000,002,567 | ---- | M] () -- C:\Users\teq\AppData\Roaming\Mozilla\FireFox\Profiles\uuyclrp4.default\searchplugins\askcom.xml
[2010-11-14 16:10:01 | 000,002,059 | ---- | M] () -- C:\Users\teq\AppData\Roaming\Mozilla\FireFox\Profiles\uuyclrp4.default\searchplugins\daemon-search.xml
[2010-11-22 15:52:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-11-14 19:12:18 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-11-22 15:52:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-11-14 15:06:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010-11-22 15:52:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-12-09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:[b]64bit:[/b] - HKU\S-1-5-21-1797179490-3010039804-1124486631-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-1797179490-3010039804-1124486631-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1797179490-3010039804-1124486631-1001..\Run: [Steam] D:\Gry\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1797179490-3010039804-1124486631-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100
O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{70652b13-f001-11df-960b-001fd09eddd0}\Shell - "" = AutoRun
O33 - MountPoints2\{70652b13-f001-11df-960b-001fd09eddd0}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{b514e286-f8a1-11df-9f1c-001fd09eddd0}\Shell - "" = AutoRun
O33 - MountPoints2\{b514e286-f8a1-11df-9f1c-001fd09eddd0}\Shell\AutoRun\command - "" = H:\AUTORUN.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Pliki programów (x86)\AVG\AVG10\avgchsva.exe File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Pliki programów (x86)\AVG\AVG10\avgrsa.exe File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\PROGRA~2\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE - File not found
MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
MsConfig:64bit - StartUpReg: [b]BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig:64bit - StartUpReg: [b]ESL Wire[/b] - hkey= - key= - C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
MsConfig:64bit - StartUpReg: [b]WinampAgent[/b] - hkey= - key= - D:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-12-20 16:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJack
[2010-12-20 15:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010-12-19 23:00:08 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Malwarebytes
[2010-12-19 23:00:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-12-19 23:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-12-19 22:59:59 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-12-19 22:59:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-12-19 22:08:29 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\AVG
[2010-12-19 22:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010-12-19 20:41:31 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\AVG10
[2010-12-19 20:39:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010-12-19 20:39:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2010-12-19 20:38:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010-12-19 20:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2010-12-19 20:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010-12-19 20:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010-12-19 19:38:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010-12-19 18:13:53 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Google
[2010-12-14 19:58:17 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010-12-14 19:58:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real Alternative
[2010-12-14 19:55:04 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Media Player Classic
[2010-12-14 19:47:22 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\BESTplayer
[2010-12-10 19:52:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010-12-10 19:52:41 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Winamp
[2010-12-10 19:51:59 | 000,000,000 | ---D | C] -- C:\Users\teq\Desktop\Muza
[2010-12-09 19:53:05 | 000,000,000 | ---D | C] -- C:\Users\teq\Documents\Any Video Converter
[2010-12-09 19:52:08 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\AnvSoft
[2010-12-09 19:42:30 | 000,000,000 | ---D | C] -- C:\Users\teq\Documents\OJOsoft Corporation
[2010-12-08 19:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2010-12-08 19:27:25 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\uTorrent
[2010-12-08 18:50:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010-12-07 21:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ALLPlayer
[2010-12-07 21:52:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLPlayer
[2010-12-07 16:23:53 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\ESL Wire Game Client
[2010-12-07 15:39:03 | 000,000,000 | ---D | C] -- C:\Users\teq\Documents\Nowy folder
[2010-12-07 14:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-12-07 14:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-12-07 14:30:55 | 000,169,656 | ---- | C] (<Turtle Entertainment>) -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2010-12-07 14:30:50 | 000,025,528 | ---- | C] (Turtle Entertainment GmbH) -- C:\Windows\SysNative\drivers\ESLvnic.sys
[2010-12-07 14:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\EslWire
[2010-12-07 14:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ESL Wire
[2010-12-07 14:15:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010-12-07 14:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010-12-07 14:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010-12-07 14:14:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010-12-07 14:14:21 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Adobe
[2010-12-07 14:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010-12-05 12:25:33 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Microsoft Games
[2010-12-02 15:34:30 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Ahead
[2010-12-02 15:28:05 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Ahead
[2010-12-02 15:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2010-12-02 15:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010-12-02 15:25:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010-12-02 15:25:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2010-12-01 14:27:48 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Rockstar Games
[2010-11-22 15:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-11-22 15:53:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-11-22 15:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010-11-21 20:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010-11-21 20:25:44 | 000,000,000 | ---D | C] -- C:\Users\teq\Documents\TrackMania
[2010-11-15 21:26:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-11-15 20:21:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2010-11-15 20:05:31 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2010-11-15 16:05:41 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Diagnostics
[2010-11-15 15:59:01 | 000,347,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2010-11-15 15:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-11-15 15:57:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010-11-15 15:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2010-11-15 15:19:25 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Ventrilo
[2010-11-15 14:40:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010-11-15 14:40:30 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010-11-15 14:40:30 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010-11-15 14:40:30 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010-11-15 14:40:30 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010-11-15 14:40:27 | 006,430,208 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RAVCpl64.exe
[2010-11-15 14:40:27 | 000,245,248 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010-11-15 14:40:27 | 000,160,768 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\FMAPO64.dll
[2010-11-15 14:40:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010-11-15 14:40:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010-11-15 14:40:08 | 000,146,528 | ---- | C] (DeviceVM Inc.) -- C:\Windows\SysWow64\dvmurl.dll
[2010-11-15 14:40:07 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-11-15 14:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browser Configuration Utility
[2010-11-15 13:54:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2010-11-14 19:13:45 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\skypePM
[2010-11-14 19:11:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010-11-14 19:11:26 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Skype
[2010-11-14 19:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010-11-14 19:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010-11-14 16:10:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2010-11-14 16:09:15 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\DAEMON Tools Lite
[2010-11-14 16:09:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010-11-14 15:54:00 | 000,000,000 | ---D | C] -- C:\AMD
[2010-11-14 15:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Stream
[2010-11-14 15:53:39 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\ATI
[2010-11-14 15:53:39 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\ATI
[2010-11-14 15:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-11-14 15:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010-11-14 15:52:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2010-11-14 15:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2010-11-14 15:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010-11-14 15:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-11-14 15:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-11-14 15:33:36 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Gadu-Gadu 10
[2010-11-14 15:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010-11-14 15:25:49 | 000,000,000 | ---D | C] -- C:\ATI
[2010-11-14 15:24:33 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\ipla
[2010-11-14 15:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2010-11-14 15:24:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ipla
[2010-11-14 15:05:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2010-11-14 15:04:59 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-11-14 14:53:39 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Macromedia
[2010-11-14 14:53:38 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Adobe
[2010-11-14 14:52:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010-11-14 14:09:25 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Mozilla
[2010-11-14 14:09:25 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Mozilla
[2010-11-14 14:09:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010-11-14 14:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010-11-14 13:57:40 | 000,000,000 | R--D | C] -- C:\Users\teq\Searches
[2010-11-14 13:57:32 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Identities
[2010-11-14 13:57:30 | 000,000,000 | R--D | C] -- C:\Users\teq\Contacts
[2010-11-14 13:57:29 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\VirtualStore
[2010-11-14 13:57:23 | 000,000,000 | --SD | C] -- C:\Users\teq\AppData\Roaming\Microsoft
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Videos
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Saved Games
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Pictures
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Music
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Links
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Favorites
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Downloads
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Documents
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Desktop
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Ustawienia lokalne
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\AppData\Local\Temporary Internet Files
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Szablony
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\SendTo
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Recent
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\PrintHood
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\NetHood
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Documents\Moje wideo
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Documents\Moje obrazy
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Moje dokumenty
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Documents\Moja muzyka
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Menu Start
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\AppData\Local\Historia
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Dane aplikacji
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\AppData\Local\Dane aplikacji
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Cookies
[2010-11-14 13:57:23 | 000,000,000 | -H-D | C] -- C:\Users\teq\AppData
[2010-11-14 13:57:23 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Temp
[2010-11-14 13:57:23 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Microsoft
[2010-11-14 13:57:23 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Media Center Programs
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2010-11-14 13:51:56 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-11-14 13:49:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010-11-14 13:49:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010-11-14 13:48:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-11-14 13:48:07 | 000,000,000 | -HSD | C] -- C:\Boot
[2010-11-14 13:47:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM
[2010-11-09 22:20:56 | 000,382,032 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-20 16:48:50 | 000,002,979 | ---- | M] () -- C:\Users\teq\Desktop\HiJackThis.lnk
[2010-12-20 16:13:27 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-12-20 16:13:27 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-12-20 16:07:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-12-20 16:07:41 | 000,274,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-12-20 16:07:18 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2010-12-20 14:42:15 | 102,174,475 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010-12-19 22:07:29 | 000,001,181 | ---- | M] () -- C:\Users\teq\Desktop\AVG PC Tuneup 2011.lnk
[2010-12-19 20:39:28 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010-12-19 20:39:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010-12-19 20:39:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010-12-19 18:13:55 | 000,002,304 | ---- | M] () -- C:\Users\teq\Desktop\Google Chrome.lnk
[2010-12-10 20:46:11 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-12-10 20:46:11 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-12-10 20:46:11 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-12-10 20:46:11 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-12-10 20:46:11 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-12-10 19:53:18 | 000,000,692 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010-12-10 15:34:10 | 000,000,716 | ---- | M] () -- C:\Users\teq\Desktop\HLTooLz.LNK
[2010-12-09 19:52:20 | 000,000,789 | ---- | M] () -- C:\Users\teq\Desktop\Any Video Converter.lnk
[2010-12-09 19:49:23 | 000,003,584 | ---- | M] () -- C:\Users\teq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-08 19:31:16 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-12-08 18:48:52 | 000,000,779 | ---- | M] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2010-12-07 21:52:48 | 000,001,023 | ---- | M] () -- C:\Users\teq\Desktop\ALLPlayer V4.5.lnk
[2010-12-07 14:49:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010-12-07 14:15:47 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader.lnk
[2010-12-06 10:17:24 | 000,169,656 | ---- | M] (<Turtle Entertainment>) -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2010-12-05 12:17:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-12-02 15:33:55 | 000,002,770 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-11-29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-11-29 14:14:55 | 000,000,693 | ---- | M] () -- C:\Users\teq\Desktop\Battlefield 1942.lnk
[2010-11-26 10:11:08 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) -- C:\Windows\SysNative\drivers\ESLvnic.sys
[2010-11-25 18:29:11 | 000,000,535 | ---- | M] () -- C:\Windows\eReg.dat
[2010-11-21 14:07:48 | 000,000,205 | ---- | M] () -- C:\Users\teq\Desktop\TrackMania Nations Forever.url
[2010-11-15 21:34:22 | 000,000,017 | ---- | M] () -- C:\Users\teq\AppData\Local\resmon.resmoncfg
[2010-11-15 21:26:06 | 307,027,071 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010-11-15 21:15:33 | 000,000,905 | ---- | M] () -- C:\Users\teq\Desktop\Shaiya.lnk
[2010-11-15 21:05:24 | 000,001,214 | ---- | M] () -- C:\Users\teq\Desktop\Need for Speed Undercover.lnk
[2010-11-15 20:07:46 | 000,000,769 | ---- | M] () -- C:\Users\teq\Desktop\EVEREST Home Edition.lnk
[2010-11-15 20:05:31 | 000,000,741 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010-11-15 16:07:40 | 000,000,222 | ---- | M] () -- C:\Users\teq\Desktop\Counter-Strike.url
[2010-11-15 15:29:40 | 000,000,414 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010-11-15 15:01:16 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2010-11-14 19:13:50 | 000,000,048 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010-11-14 19:11:26 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-11-14 16:10:01 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-11-14 16:09:44 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-11-14 15:36:31 | 000,001,107 | ---- | M] () -- C:\Users\teq\Desktop\Ventrilo.lnk
[2010-11-14 15:31:48 | 000,001,071 | ---- | M] () -- C:\Users\teq\Desktop\WinRAR.lnk
[2010-11-14 15:24:32 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\ipla.lnk
[2010-11-14 15:05:58 | 000,000,712 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2010-11-14 15:02:41 | 000,000,203 | ---- | M] () -- C:\Users\teq\Desktop\Counter-Strike Source.url
[2010-11-14 15:02:16 | 000,001,247 | ---- | M] () -- C:\Users\teq\Desktop\GTAIV.lnk
[2010-11-14 14:09:23 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-11-14 14:04:01 | 000,000,901 | ---- | M] () -- C:\Users\teq\Desktop\Steam.lnk
[2010-11-14 13:57:11 | 000,171,136 | RHS- | M] () -- C:\W7LDR
[2010-11-14 13:53:35 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010-11-14 13:53:35 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010-11-14 13:51:37 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010-11-14 13:48:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-11-09 22:20:56 | 000,382,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-12-20 16:48:50 | 000,002,979 | ---- | C] () -- C:\Users\teq\Desktop\HiJackThis.lnk
[2010-12-20 14:42:15 | 102,174,475 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010-12-19 22:07:29 | 000,001,181 | ---- | C] () -- C:\Users\teq\Desktop\AVG PC Tuneup 2011.lnk
[2010-12-19 20:39:28 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010-12-19 20:39:20 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010-12-19 20:39:20 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010-12-19 18:13:55 | 000,002,304 | ---- | C] () -- C:\Users\teq\Desktop\Google Chrome.lnk
[2010-12-10 19:53:18 | 000,000,692 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010-12-10 15:34:10 | 000,000,716 | ---- | C] () -- C:\Users\teq\Desktop\HLTooLz.LNK
[2010-12-09 19:52:20 | 000,000,789 | ---- | C] () -- C:\Users\teq\Desktop\Any Video Converter.lnk
[2010-12-09 19:49:23 | 000,003,584 | ---- | C] () -- C:\Users\teq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-09 19:48:57 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-12-08 19:31:16 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-12-07 21:52:48 | 000,001,023 | ---- | C] () -- C:\Users\teq\Desktop\ALLPlayer V4.5.lnk
[2010-12-07 21:52:45 | 000,797,184 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax
[2010-12-07 21:52:45 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-12-07 21:52:45 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2010-12-07 14:49:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010-12-07 14:30:54 | 000,000,779 | ---- | C] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2010-12-07 14:15:47 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader.lnk
[2010-12-05 12:17:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-12-02 15:33:55 | 000,002,770 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2010-11-29 14:14:55 | 000,000,693 | ---- | C] () -- C:\Users\teq\Desktop\Battlefield 1942.lnk
[2010-11-25 18:29:11 | 000,000,535 | ---- | C] () -- C:\Windows\eReg.dat
[2010-11-21 14:07:48 | 000,000,205 | ---- | C] () -- C:\Users\teq\Desktop\TrackMania Nations Forever.url
[2010-11-15 21:34:22 | 000,000,017 | ---- | C] () -- C:\Users\teq\AppData\Local\resmon.resmoncfg
[2010-11-15 21:26:06 | 307,027,071 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010-11-15 21:15:33 | 000,000,905 | ---- | C] () -- C:\Users\teq\Desktop\Shaiya.lnk
[2010-11-15 21:05:24 | 000,001,214 | ---- | C] () -- C:\Users\teq\Desktop\Need for Speed Undercover.lnk
[2010-11-15 20:07:46 | 000,000,769 | ---- | C] () -- C:\Users\teq\Desktop\EVEREST Home Edition.lnk
[2010-11-15 20:05:31 | 000,000,741 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010-11-15 15:59:01 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2010-11-15 15:29:40 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010-11-15 14:40:57 | 000,000,553 | R--- | C] () -- C:\Windows\USetup.iss
[2010-11-15 14:40:29 | 000,666,112 | ---- | C] () -- C:\Windows\SysNative\RTCOM64.dll
[2010-11-15 14:39:33 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010-11-14 19:13:50 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-11-14 19:11:26 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-11-14 16:10:01 | 000,000,853 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-11-14 16:09:44 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-11-14 15:36:31 | 000,001,107 | ---- | C] () -- C:\Users\teq\Desktop\Ventrilo.lnk
[2010-11-14 15:31:48 | 000,001,071 | ---- | C] () -- C:\Users\teq\Desktop\WinRAR.lnk
[2010-11-14 15:24:32 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\ipla.lnk
[2010-11-14 15:05:58 | 000,000,712 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2010-11-14 15:02:41 | 000,000,203 | ---- | C] () -- C:\Users\teq\Desktop\Counter-Strike Source.url
[2010-11-14 15:02:34 | 000,000,222 | ---- | C] () -- C:\Users\teq\Desktop\Counter-Strike.url
[2010-11-14 15:02:16 | 000,001,247 | ---- | C] () -- C:\Users\teq\Desktop\GTAIV.lnk
[2010-11-14 14:09:23 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-11-14 14:04:01 | 000,000,901 | ---- | C] () -- C:\Users\teq\Desktop\Steam.lnk
[2010-11-14 13:57:11 | 000,171,136 | RHS- | C] () -- C:\W7LDR
[2010-11-14 13:51:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-11-14 13:49:08 | 3220,037,632 | -HS- | C] () -- C:\hiberfil.sys
[2010-11-14 13:48:08 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010-11-14 13:48:07 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-12-09 19:52:08 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\AnvSoft
[2010-12-19 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\AVG
[2010-12-19 20:41:31 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\AVG10
[2010-12-14 19:48:07 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\BESTplayer
[2010-11-25 18:01:09 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\DAEMON Tools Lite
[2010-12-19 17:10:25 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\Gadu-Gadu 10
[2010-11-14 15:24:56 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\ipla
[2010-12-14 21:02:26 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\uTorrent
[2009-07-14 06:08:49 | 000,031,270 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-07-14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010-11-14 13:48:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-11-15 15:01:38 | 000,000,010 | ---- | M] () -- C:\csb.log
[2010-12-20 16:07:18 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2010-12-20 16:07:18 | 4293,386,240 | -HS- | M] () -- C:\pagefile.sys
[2010-11-15 14:40:57 | 000,000,703 | ---- | M] () -- C:\RHDSetup.log
[2010-11-14 13:57:11 | 000,171,136 | RHS- | M] () -- C:\W7LDR


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >[/log]

OTL Extras

[log]OTL Extras logfile created on: 2010-12-20 16:58:41 - Run 1
OTL by OldTimer - Version 3.2.17.4 Folder = C:\Users\teq\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,60 Gb Total Space | 13,89 Gb Free Space | 23,70% Space Free | Partition Type: NTFS
Drive D: | 119,36 Gb Total Space | 90,37 Gb Free Space | 75,72% Space Free | Partition Type: NTFS
Drive E: | 120,13 Gb Total Space | 97,78 Gb Free Space | 81,39% Space Free | Partition Type: NTFS

Computer Name: TEQ-PC | User Name: teq | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1797179490-3010039804-1124486631-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{24BEFDE1-A699-4139-B61B-B1102FDE7279}" = AVG 2011
"{34BD24DF-3B6F-8661-D4F0-0EBCACA2C834}" = ccc-utility64
"{4B0748C5-2E63-B954-8C3F-71918C599800}" = WMV9/VC-1 Video Playback
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}" = ATI Stream SDK v2 Developer
"{8FCBB6DA-069C-8D08-DD99-F0881B9EECC3}" = AMD Drag and Drop Transcoding
"{CACBDC26-D504-49ED-3FEC-0CDDB3700240}" = ATI Catalyst Install Manager
"{E4C703FE-7F5C-475D-9458-8E2FD7110790}" = AVG 2011
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"AVG" = AVG 2011
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"ESL Wire_is1" = ESL Wire 1.9.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1DE1B0F3-5897-4C66-BA18-F8A9E95FAE5C}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D481F91-44BA-F0FE-CD07-8B3429A2A821}" = Catalyst Control Center Graphics Previews Common
"{4E4F8163-9889-4BAB-B2E7-DBAAE248C1EB}" = LG Android Driver
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{543A0462-62A8-59CA-8EA7-B2173DA96DAC}" = CCC Help English
"{54862F37-FB81-FDD7-0E47-8E01858213FD}" = Application Profiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5809A31C-32FB-35CA-E1D2-0B898119E15F}" = Catalyst Control Center InstallProxy
"{66EBD70F-A42C-475F-AEDF-277378151045}" = Nero 7 Essentials
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{6F868980-FF49-011B-2C95-409F199B9C19}" = Catalyst Control Center Graphics Previews Vista
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Any Video Converter_is1" = Any Video Converter 3.1.2
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"ipla" = ipla 2.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"RealAlt_is1" = Real Alternative 2.0.2
"ST6UNST #1" = HLTooLz
"ST6UNST #2" = HLTooLz (D:\Program Files (x86)\HLTooLz\)
"Steam App 11020" = TrackMania Nations Forever
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1797179490-3010039804-1124486631-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-12-19 15:37:36 | Computer Name = teq-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez
Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to
back up image of binary aswSP. System Error: Nie można odnaleźć określonego pliku.
.

Error - 2010-12-19 15:37:36 | Computer Name = teq-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez
Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to
back up image of binary avast! Network Shield Support. System Error: Nie można odnaleźć
określonego pliku. .

Error - 2010-12-19 15:37:36 | Computer Name = teq-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez
Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to
back up image of service avast! Antivirus since QueryServiceConfig API failed System
Error: Nie można odnaleźć określonego pliku. .

Error - 2010-12-19 15:40:36 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-19 15:40:36 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-19 17:39:01 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-19 17:39:01 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-19 18:01:09 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-20 02:09:51 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-20 09:35:59 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

[ Media Center Events ]
Error - 2010-11-28 14:04:59 | Computer Name = teq-PC | Source = MCUpdate | ID = 0
Description = 19:04:59 - Błąd podczas nawiązywania połączenia z Internetem. 19:04:59
- Nie można skontaktować się z serwerem..

Error - 2010-11-28 14:06:12 | Computer Name = teq-PC | Source = MCUpdate | ID = 0
Description = 19:06:12 - Błąd podczas nawiązywania połączenia z Internetem. 19:06:12
- Nie można skontaktować się z serwerem..

Error - 2010-12-01 09:01:29 | Computer Name = teq-PC | Source = MCUpdate | ID = 0
Description = 14:01:29 - Błąd podczas nawiązywania połączenia z Internetem. 14:01:29
- Nie można skontaktować się z serwerem..

[ System Events ]
Error - 2010-12-19 17:39:31 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7031
Description = Usługa Klient śledzenia łączy rozproszonych niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca
czynność korekcyjna: Uruchom usługę ponownie.

Error - 2010-12-19 17:39:31 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7031
Description = Usługa Menedżer sesji Menedżera okien pulpitu niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca
czynność korekcyjna: Uruchom usługę ponownie.

Error - 2010-12-19 17:39:31 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7034
Description = Usługa Host systemu diagnostyki niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2010-12-19 17:39:31 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7031
Description = Usługa Autokonfiguracja sieci WLAN niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca
czynność korekcyjna: Uruchom usługę ponownie.

Error - 2010-12-19 17:39:31 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7031
Description = Usługa Usługa modułu wyliczającego urządzenia przenośne niespodziewanie
zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie
podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error - 2010-12-19 17:39:31 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7031
Description = Usługa Windows Driver Foundation — User-mode Driver Framework niespodziewanie
zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie
podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error - 2010-12-19 17:40:31 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7032
Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom
usługę ponownie) po nieoczekiwanym zakończeniu usługi Usługa Asystent zgodności
programów, ale ta akcja nie powiodła się przy następującym błędzie: %%1056.

Error - 2010-12-20 09:34:55 | Computer Name = teq-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 07:16:02 na ?2010-?12-?20 było
nieoczekiwane.

Error - 2010-12-20 10:53:27 | Computer Name = teq-PC | Source = bowser | ID = 8003
Description =

Error - 2010-12-20 11:19:21 | Computer Name = teq-PC | Source = bowser | ID = 8003
Description =


< End of report >[/log]

RSIT log

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by teq at 2010-12-20 17:09:10
Microsoft Windows 7 Ultimate
System drive C: has 14 GB (24%) free of 60 GB
Total RAM: 4094 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:09:15, on 2010-12-20
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\teq\Downloads\OTL.exe
C:\Users\teq\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\teq.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Steam] "D:\Gry\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7201 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-10 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2010-11-04 2731360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2010-10-22 2745696]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2010-11-29 963976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Gry\Steam\steam.exe [2010-11-17 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-20 17:09:10 ----D---- C:\rsit
2010-12-20 17:09:10 ----D---- C:\Program Files (x86)\trend micro
2010-12-20 16:48:50 ----D---- C:\Program Files (x86)\HiJack
2010-12-20 15:53:50 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2010-12-20 15:48:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\mscoree.dll
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\dfshim.dll
2010-12-20 15:37:17 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2010-12-20 15:37:12 ----A---- C:\Windows\SysWOW64\secur32.dll
2010-12-20 15:37:11 ----A---- C:\Windows\SysWOW64\sspicli.dll
2010-12-20 15:37:09 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-12-20 15:36:59 ----A---- C:\Windows\SysWOW64\shell32.dll
2010-12-20 15:36:42 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-12-20 15:36:41 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-12-20 15:36:41 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-12-20 15:36:40 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-12-20 15:36:39 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-12-20 15:36:39 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-12-20 15:36:39 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-12-20 15:36:35 ----A---- C:\Windows\SysWOW64\comctl32.dll
2010-12-20 15:36:32 ----A---- C:\Windows\SysWOW64\cabview.dll
2010-12-20 15:36:28 ----A---- C:\Windows\SysWOW64\wmp.dll
2010-12-20 15:36:27 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2010-12-20 15:36:19 ----A---- C:\Windows\SysWOW64\explorer.exe
2010-12-20 15:36:19 ----A---- C:\Windows\explorer.exe
2010-12-20 15:36:16 ----A---- C:\Windows\SysWOW64\taskschd.dll
2010-12-20 15:36:16 ----A---- C:\Windows\SysWOW64\taskeng.exe
2010-12-20 15:36:16 ----A---- C:\Windows\SysWOW64\taskcomp.dll
2010-12-20 15:36:16 ----A---- C:\Windows\SysWOW64\schtasks.exe
2010-12-20 15:36:13 ----A---- C:\Windows\SysWOW64\ole32.dll
2010-12-20 15:36:11 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2010-12-20 15:36:11 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2010-12-20 15:36:09 ----A---- C:\Windows\SysWOW64\atmlib.dll
2010-12-20 15:36:09 ----A---- C:\Windows\SysWOW64\atmfd.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\quartz.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\msyuv.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\msrle32.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\avifil32.dll
2010-12-20 15:36:03 ----A---- C:\Windows\SysWOW64\schannel.dll
2010-12-20 15:36:01 ----A---- C:\Windows\SysWOW64\jscript.dll
2010-12-20 15:36:00 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-12-20 15:35:59 ----A---- C:\Windows\SysWOW64\msxml3.dll
2010-12-20 15:35:58 ----A---- C:\Windows\SysWOW64\wmpmde.dll
2010-12-20 15:35:57 ----A---- C:\Windows\SysWOW64\fontsub.dll
2010-12-20 15:35:55 ----A---- C:\Windows\SysWOW64\webio.dll
2010-12-20 15:35:54 ----A---- C:\Windows\SysWOW64\iccvid.dll
2010-12-20 15:35:53 ----A---- C:\Windows\SysWOW64\t2embed.dll
2010-12-20 15:35:52 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2010-12-20 15:35:48 ----A---- C:\Windows\SysWOW64\vbscript.dll
2010-12-20 15:35:47 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2010-12-20 15:35:46 ----A---- C:\Windows\SysWOW64\wintrust.dll
2010-12-20 15:35:43 ----A---- C:\Windows\SysWOW64\rtutils.dll
2010-12-20 15:35:28 ----A---- C:\Windows\SysWOW64\sscore.dll
2010-12-20 15:35:16 ----A---- C:\Windows\SysWOW64\mfc40u.dll
2010-12-20 15:35:16 ----A---- C:\Windows\SysWOW64\mfc40.dll
2010-12-20 15:35:09 ----A---- C:\Windows\SysWOW64\msasn1.dll
2010-12-19 23:00:08 ----D---- C:\Users\teq\AppData\Roaming\Malwarebytes
2010-12-19 23:00:02 ----D---- C:\ProgramData\Malwarebytes
2010-12-19 23:00:02 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
2010-12-19 22:59:59 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-19 22:08:29 ----D---- C:\Users\teq\AppData\Roaming\AVG
2010-12-19 22:07:37 ----AD---- C:\ProgramData\TEMP
2010-12-19 20:41:31 ----D---- C:\Users\teq\AppData\Roaming\AVG10
2010-12-19 20:39:43 ----HD---- C:\ProgramData\Common Files
2010-12-19 20:39:20 ----D---- C:\Windows\SysWOW64\drivers\AVG
2010-12-19 20:38:27 ----D---- C:\ProgramData\AVG10
2010-12-19 20:35:26 ----D---- C:\Program Files (x86)\AVG
2010-12-19 20:34:00 ----D---- C:\ProgramData\MFAData
2010-12-19 18:51:10 ----A---- C:\Windows\ntbtlog.txt
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\rmoc3260.dll
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\pndx5032.dll
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\pndx5016.dll
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\pncrt.dll
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\msvcp71.dll
2010-12-14 19:58:16 ----D---- C:\Program Files (x86)\Real Alternative
2010-12-14 19:55:04 ----D---- C:\Users\teq\AppData\Roaming\Media Player Classic
2010-12-14 19:47:22 ----D---- C:\Users\teq\AppData\Roaming\BESTplayer
2010-12-10 19:53:17 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2010-12-10 19:53:17 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2010-12-10 19:52:43 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-12-10 19:52:41 ----D---- C:\Users\teq\AppData\Roaming\Winamp
2010-12-09 19:52:08 ----D---- C:\Users\teq\AppData\Roaming\AnvSoft
2010-12-09 19:48:57 ----A---- C:\Windows\SysWOW64\xvidvfw.dll
2010-12-08 19:31:16 ----D---- C:\Program Files (x86)\uTorrent
2010-12-08 19:27:25 ----D---- C:\Users\teq\AppData\Roaming\uTorrent
2010-12-08 18:50:23 ----D---- C:\Windows\pss
2010-12-07 21:52:45 ----D---- C:\ProgramData\ALLPlayer
2010-12-07 21:52:45 ----A---- C:\Windows\SysWOW64\xvidcore.dll
2010-12-07 21:52:45 ----A---- C:\Windows\SysWOW64\libFLAC.dll
2010-12-07 21:52:39 ----D---- C:\Program Files (x86)\ALLPlayer
2010-12-07 14:49:35 ----D---- C:\ProgramData\Alwil Software
2010-12-07 14:30:50 ----D---- C:\ProgramData\ESL Wire
2010-12-07 14:15:42 ----D---- C:\Program Files (x86)\Common Files\Adobe
2010-12-07 14:14:27 ----D---- C:\ProgramData\Adobe
2010-12-07 14:14:26 ----D---- C:\Program Files (x86)\Adobe
2010-12-07 14:14:25 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2010-12-07 14:13:51 ----D---- C:\ProgramData\McAfee
2010-12-02 15:28:05 ----D---- C:\Users\teq\AppData\Roaming\Ahead
2010-12-02 15:27:57 ----D---- C:\ProgramData\Ahead
2010-12-02 15:25:45 ----D---- C:\ProgramData\Nero
2010-12-02 15:25:45 ----D---- C:\Program Files (x86)\Nero
2010-12-02 15:25:45 ----D---- C:\Program Files (x86)\Common Files\Ahead
2010-12-02 15:24:43 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2010-12-02 15:24:43 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2010-11-22 15:53:32 ----D---- C:\ProgramData\Sun
2010-11-22 15:53:31 ----D---- C:\Program Files (x86)\Common Files\Java
2010-11-22 15:52:46 ----A---- C:\Windows\SysWOW64\javaws.exe
2010-11-22 15:52:46 ----A---- C:\Windows\SysWOW64\javaw.exe
2010-11-22 15:52:46 ----A---- C:\Windows\SysWOW64\java.exe
2010-11-22 15:52:46 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2010-11-22 15:52:28 ----D---- C:\Program Files (x86)\Java
2010-11-21 20:25:48 ----D---- C:\ProgramData\TrackMania

======List of files/folders modified in the last 1 months======

2010-12-20 17:09:10 ----RD---- C:\Program Files (x86)
2010-12-20 16:48:51 ----SHD---- C:\Windows\Installer
2010-12-20 16:48:36 ----SHD---- C:\System Volume Information
2010-12-20 16:31:19 ----D---- C:\Windows\Temp
2010-12-20 16:26:37 ----D---- C:\Windows\Microsoft.NET
2010-12-20 16:26:35 ----RSD---- C:\Windows\assembly
2010-12-20 16:08:44 ----D---- C:\Windows\Prefetch
2010-12-20 16:08:32 ----D---- C:\Windows\winsxs
2010-12-20 16:08:13 ----D---- C:\Windows\SysWOW64
2010-12-20 16:05:51 ----D---- C:\Windows\SysWOW64\pl-PL
2010-12-20 16:05:51 ----D---- C:\Windows\System32
2010-12-20 16:05:49 ----D---- C:\Windows\ehome
2010-12-20 16:05:48 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-20 16:05:46 ----D---- C:\Windows
2010-12-20 16:05:44 ----D---- C:\Windows\inf
2010-12-20 16:05:44 ----D---- C:\Program Files (x86)\Windows Media Player
2010-12-20 16:05:43 ----D---- C:\Windows\SysWOW64\migration
2010-12-20 16:05:43 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-20 15:42:39 ----D---- C:\Windows\debug
2010-12-20 15:38:27 ----D---- C:\Windows\SoftwareDistribution
2010-12-20 15:29:56 ----D---- C:\Windows\Logs
2010-12-20 15:17:44 ----D---- C:\Windows\Tasks
2010-12-19 23:00:07 ----D---- C:\Windows\SysWOW64\drivers
2010-12-19 23:00:02 ----HD---- C:\ProgramData
2010-12-19 22:08:51 ----D---- C:\Windows\Downloaded Program Files
2010-12-19 17:10:25 ----D---- C:\Users\teq\AppData\Roaming\Gadu-Gadu 10
2010-12-17 15:31:41 ----D---- C:\Users\teq\AppData\Roaming\Skype
2010-12-17 15:31:28 ----D---- C:\Users\teq\AppData\Roaming\skypePM
2010-12-10 19:52:43 ----D---- C:\Program Files (x86)\Common Files
2010-12-10 18:44:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-10 15:33:45 ----N---- C:\Windows\Setup1.exe
2010-12-10 15:33:42 ----A---- C:\Windows\ST6UNST.EXE
2010-12-07 14:49:49 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-12-07 14:49:35 ----RD---- C:\Program Files
2010-12-07 14:22:18 ----SD---- C:\Users\teq\AppData\Roaming\Microsoft
2010-12-07 14:22:18 ----D---- C:\Users\teq\AppData\Roaming\Adobe
2010-12-05 14:11:08 ----SD---- C:\ProgramData\Microsoft
2010-11-25 18:26:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-11-25 18:25:10 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-11-25 18:01:09 ----D---- C:\Users\teq\AppData\Roaming\DAEMON Tools Lite

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys []
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys []
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys []
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R2 ESLWireAC;ESLWireAC; \??\C:\Windows\system32\drivers\ESLWireACD.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys []
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys []
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\Windows\system32\DRIVERS\ESLvnic.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
S2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys []
S3 Andbus;LGE Android Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys []
S3 AndDiag;LGE Android USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys []
S3 AndGps;LGE Android USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys []
S3 ANDModem;LGE Android USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys []
S3 apscy09j;apscy09j; C:\Windows\SysWOW64\drivers\apscy09j.sys []
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-11-15 20544]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RTL85n64;Sterownik urządzenia bezprzewodowego Realtek 8180/8185 Extensible 802.11; C:\Windows\system32\DRIVERS\RTL85n64.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-11-17 403240]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------[/log]

RSIT INFO

[log]info.txt logfile of random's system information tool 1.08 2010-12-20 17:09:16

======Uninstall list======

-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Reader X-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA0000000001}
ALLPlayer V4.X-->"C:\Program Files (x86)\ALLPlayer\unins000.exe"
AMD USB Filter Driver-->MsiExec.exe /X{82809116-D1EE-443C-AE31-F19E709DDF7A}
Any Video Converter 3.1.2-->"D:\Program Files (x86)\AnvSoft\Any Video Converter\unins000.exe"
Application Profiles-->MsiExec.exe /X{54862F37-FB81-FDD7-0E47-8E01858213FD}
Archiwizator WinRAR-->D:\Program Files (x86)\WinRAR\uninstall.exe
ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
AVG PC Tuneup 2011-->"C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\unins000.exe"
Battlefield 1942-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x9
Browser Configuration Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{E8AEA11B-E60A-455E-B008-E4E763604612}\setup.exe" -runfromtemp -l0x0009 -removeonly
Catalyst Control Center - Branding-->MsiExec.exe /I{DDA34038-89BD-4804-B0B8-DC48D5DFB463}
DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
EVEREST Home Edition v2.20-->"D:\Program Files (x86)\Lavalys\EVEREST Home Edition\unins000.exe"
Gadu-Gadu 10-->D:\Program Files (x86)\Gadu-Gadu 10\Uninstall.exe
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
HLTooLz (D:\Program Files (x86)\HLTooLz\)-->C:\WINDOWS\st6unst.exe -n "D:\Program Files (x86)\HLTooLz\ST6UNST.000"
HLTooLz-->C:\WINDOWS\st6unst.exe -n "D:\Program Files (x86)\HLTooLz\ST6UNST.LOG"
ipla 2.2-->C:\Program Files (x86)\ipla\uninst.exe
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
LG Android Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{4E4F8163-9889-4BAB-B2E7-DBAAE248C1EB}\setup.exe" -runfromtemp -l0x0415 LG -removeonly
LG USB Modem Drivers-->MsiExec.exe /X{3E8DE1A6-B365-4FF6-B917-2892A34990E8}
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6.13)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Essentials-->MsiExec.exe /X{66EBD70F-A42C-475F-AEDF-277378151045}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Real Alternative 2.0.2-->"C:\Program Files (x86)\Real Alternative\unins000.exe"
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -removeonly
Skype Toolbars-->MsiExec.exe /I{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
The Lord of the Rings FREE Trial -->MsiExec.exe /X{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
TrackMania Nations Forever-->"D:\Gry\Steam\steam.exe" steam://uninstall/11020
Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
Winamp-->"D:\Program Files (x86)\Winamp\UninstWA.exe"

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Cryptographic Services weszła w stan stopped.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Modules Installer weszła w stan stopped.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Software Protection weszła w stan stopped.
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Event Log weszła w stan stopped.
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Volume Shadow Copy weszła w stan stopped.
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 1001
Message: Pakiet błędów , typ 0
Nazwa zdarzenia: PnPRequestAdditionalSoftware
Odpowiedź: Niedostępny
Identyfikator pliku Cab: 0

Sygnatura problemu:
P1: x64
P2: HID\VID_0A81&PID_0101&REV_0110&MI_01&Col01
P3: 6.1.0.0
P4: 0415
P5: input.inf
P6: *
P7:
P8:
P9:
P10:

Dołączone pliki:

Te pliki mogą być dostępne tutaj:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_caecabaf24de1c1bb6a801599ef82775d2c6cf0_cab_05ad2367

Symbol analizy:
Ponowne sprawdzanie rozwiązania: 0
Identyfikator raportu: b15c9fbb-efed-11df-8ce0-e399eda6ca7f
Stan raportu: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20101114125001.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20101114124950.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20101114124947.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Usługa profilów użytkowników została uruchomiona pomyślnie.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101114124943.209295-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20101114124943.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Zmieniono grupę lokalną z włączonymi zabezpieczeniami.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: 37L4247E29-32$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Grupa:
Identyfikator zabezpieczeń: S-1-5-32-551
Nazwa grupy: Operatorzy kopii zapasowych
Domena grupy: Builtin

Zmienione atrybuty:
Nazwa konta SAM: -
Historia identyfikatora SID: -

Informacje dodatkowe:
Uprawnienia: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101114124925.253664-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Utworzono grupę lokalną z włączonymi zabezpieczeniami.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: 37L4247E29-32$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Nowa grupa:
Identyfikator zabezpieczeń: S-1-5-32-551
Nazwa grupy: Operatorzy kopii zapasowych
Domena grupy: Builtin

Atrybuty:
Nazwa konta SAM: Operatorzy kopii zapasowych
Historia identyfikatora SID: -

Informacje dodatkowe:
Uprawnienia: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101114124925.238064-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Utworzono tabelę zasad inspekcji użytkownika.

Liczba elementów: 0
Identyfikator zasad: 0x31ee6
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101114124924.894863-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-0-0
Nazwa konta: -
Domena konta: -
Identyfikator logowania: 0x0

Typ logowania: 0

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x4
Nazwa procesu:

Informacje o sieci:
Nazwa stacji roboczej: -
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: -
Pakiet uwierzytelniania: -
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101114124922.851259-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Trwa uruchamianie systemu Windows.

To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101114124922.804459-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\ATI Stream\bin\x86_64;C:\Program Files (x86)\ATI Stream\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=AMD64 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"ATISTREAMSDKROOT"=C:\Program Files (x86)\ATI Stream\

-----------------EOF-----------------[/log]

Help! :(

Tomek01
comment

Edit...

Uninstall DAEMON Tools Toolbar and Ask toolbar.


In OTL, paste the following into the Custom scan/fixes window:
[code]:Processes
Explorer.exe

:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
[2010-11-14 16:10:03 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\mozilla\Firefox\Profiles\uuyclrp4.default\extensions\DTToolbar@toolbarnet.com
[2010-11-15 20:33:42 | 000,002,567 | ---- | M] () -- C:\Users\teq\AppData\Roaming\Mozilla\FireFox\Profiles\uuyclrp4.default\searchplugins\askcom.xml
[2010-11-14 16:10:01 | 000,002,059 | ---- | M] () -- C:\Users\teq\AppData\Roaming\Mozilla\FireFox\Profiles\uuyclrp4.default\searchplugins\daemon-search.xml
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKU\S-1-5-21-1797179490-3010039804-1124486631-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-1797179490-3010039804-1124486631-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0B4227B4

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Click Run Fix; the computer will restart.
Post the removal log and new logs: OTL and RSIT.


Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] and [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] and post the results on the forum.

tequs1
comment

Unfortunately, I had already removed the DAEMON Tools Toolbar the normal way (Programs - Uninstall).
[log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Folder C:\Users\teq\AppData\Roaming\mozilla\Firefox\Profiles\uuyclrp4.default\extensions\DTToolbar@toolbarnet.com\ not found.
C:\Users\teq\AppData\Roaming\Mozilla\FireFox\Profiles\uuyclrp4.default\searchplugins\askcom.xml moved successfully.
C:\Users\teq\AppData\Roaming\Mozilla\FireFox\Profiles\uuyclrp4.default\searchplugins\daemon-search.xml moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found.
64bit-Registry value HKEY_USERS\S-1-5-21-1797179490-3010039804-1124486631-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found.
Registry value HKEY_USERS\S-1-5-21-1797179490-3010039804-1124486631-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
Unable to delete ADS C:\ProgramData\TEMP:0B4227B4 .
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: teq
->Temp folder emptied: 4866651 bytes
->Temporary Internet Files folder emptied: 9157641 bytes
->Java cache emptied: 5706 bytes
->FireFox cache emptied: 119938447 bytes
->Google Chrome cache emptied: 6314591 bytes
->Flash cache emptied: 1653 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 873 bytes

Total Files Cleaned = 134,00 mb


OTL by OldTimer - Version 3.2.17.4 log created on 12222010_103539

Files\Folders moved on Reboot...
C:\Users\teq\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...[/log]

[log]OTL logfile created on: 2010-12-22 10:48:55 - Run 2
OTL by OldTimer - Version 3.2.17.4 Folder = C:\Users\teq\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,60 Gb Total Space | 12,81 Gb Free Space | 21,85% Space Free | Partition Type: NTFS
Drive D: | 119,36 Gb Total Space | 83,62 Gb Free Space | 70,06% Space Free | Partition Type: NTFS
Drive E: | 120,13 Gb Total Space | 97,78 Gb Free Space | 81,39% Space Free | Partition Type: NTFS

Computer Name: TEQ-PC | User Name: teq | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-12-20 21:55:26 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-12-20 16:55:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\teq\Downloads\OTL.exe
PRC - [2010-12-10 18:44:07 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-11-17 14:07:37 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Gry\Steam\steam.exe
PRC - [2010-11-10 19:08:04 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
PRC - [2010-11-10 19:08:02 | 006,127,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010-10-22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2010-10-22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-12-20 16:55:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\teq\Downloads\OTL.exe
MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010-07-27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2010-06-29 06:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-12-11 08:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-12-11 08:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 02:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 02:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:[b]64bit:[/b] - [2010-09-29 02:51:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010-12-20 21:55:26 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-11-17 15:08:49 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-11-10 19:08:02 | 006,127,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010-10-22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-12-06 10:17:24 | 000,169,656 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:[b]64bit:[/b] - [2010-11-26 10:11:08 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:[b]64bit:[/b] - [2010-11-14 16:09:44 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-11-09 22:20:56 | 000,382,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2010-09-29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2010-09-29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-09-29 02:14:48 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010-09-13 15:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:[b]64bit:[/b] - [2010-09-07 03:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2010-09-07 03:48:52 | 000,305,232 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2010-09-07 03:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2010-08-19 20:42:38 | 000,157,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2010-08-19 20:42:38 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:[b]64bit:[/b] - [2010-08-16 11:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2010-07-09 13:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:[b]64bit:[/b] - [2010-03-22 10:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-01-25 06:09:36 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:[b]64bit:[/b] - [2010-01-25 06:09:34 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:[b]64bit:[/b] - [2010-01-25 06:09:24 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:[b]64bit:[/b] - [2010-01-25 06:09:22 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:48 | 000,378,368 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-04 17:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2009-04-03 06:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2008-06-18 04:20:32 | 000,181,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV - [2010-11-15 15:01:19 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://google.pl"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1167
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010-12-19 20:38:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-10 18:44:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-12-10 19:52:53 | 000,000,000 | ---D | M]

[2010-11-14 14:09:31 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\mozilla\Extensions
[2010-12-22 10:38:52 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\mozilla\Firefox\Profiles\uuyclrp4.default\extensions
[2010-12-21 20:15:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-11-14 19:12:18 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-11-22 15:52:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-12-20 22:32:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010-11-14 15:06:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010-12-09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] D:\Gry\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100
O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{70652b13-f001-11df-960b-001fd09eddd0}\Shell - "" = AutoRun
O33 - MountPoints2\{70652b13-f001-11df-960b-001fd09eddd0}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{b514e286-f8a1-11df-9f1c-001fd09eddd0}\Shell - "" = AutoRun
O33 - MountPoints2\{b514e286-f8a1-11df-9f1c-001fd09eddd0}\Shell\AutoRun\command - "" = H:\AUTORUN.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Pliki programów (x86)\AVG\AVG10\avgchsva.exe File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Pliki programów (x86)\AVG\AVG10\avgrsa.exe File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\PROGRA~2\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE - File not found
MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
MsConfig:64bit - StartUpReg: [b]BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig:64bit - StartUpReg: [b]ESL Wire[/b] - hkey= - key= - C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
MsConfig:64bit - StartUpReg: [b]WinampAgent[/b] - hkey= - key= - D:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-12-22 10:35:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-12-22 10:27:09 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\ElevatedDiagnostics
[2010-12-21 23:29:26 | 007,248,864 | ---- | C] (Activision Blizzard, Inc.) -- C:\Users\teq\Desktop\CoDWaW.exe
[2010-12-21 23:21:38 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010-12-21 22:01:30 | 000,000,000 | ---D | C] -- C:\totalcmd
[2010-12-21 22:01:30 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\GHISLER
[2010-12-21 21:14:33 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Activision
[2010-12-20 21:58:20 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\PunkBuster
[2010-12-20 17:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010-12-20 17:09:10 | 000,000,000 | ---D | C] -- C:\rsit
[2010-12-20 16:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJack
[2010-12-20 15:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010-12-19 23:00:08 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Malwarebytes
[2010-12-19 23:00:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-12-19 23:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-12-19 22:59:59 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-12-19 22:59:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-12-19 22:08:29 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\AVG
[2010-12-19 22:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010-12-19 20:41:31 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\AVG10
[2010-12-19 20:39:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010-12-19 20:39:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2010-12-19 20:38:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010-12-19 20:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2010-12-19 20:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010-12-19 20:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010-12-19 19:38:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010-12-19 18:13:53 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Google
[2010-12-14 19:58:17 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010-12-14 19:58:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real Alternative
[2010-12-14 19:55:04 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Media Player Classic
[2010-12-14 19:47:22 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\BESTplayer
[2010-12-10 19:52:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010-12-10 19:52:41 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Winamp
[2010-12-10 19:51:59 | 000,000,000 | ---D | C] -- C:\Users\teq\Desktop\Muza
[2010-12-09 19:53:05 | 000,000,000 | ---D | C] -- C:\Users\teq\Documents\Any Video Converter
[2010-12-09 19:52:08 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\AnvSoft
[2010-12-09 19:42:30 | 000,000,000 | ---D | C] -- C:\Users\teq\Documents\OJOsoft Corporation
[2010-12-08 19:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2010-12-08 19:27:25 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\uTorrent
[2010-12-08 18:50:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010-12-07 21:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ALLPlayer
[2010-12-07 21:52:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLPlayer
[2010-12-07 16:23:53 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\ESL Wire Game Client
[2010-12-07 15:39:03 | 000,000,000 | ---D | C] -- C:\Users\teq\Documents\Nowy folder
[2010-12-07 14:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-12-07 14:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-12-07 14:30:55 | 000,169,656 | ---- | C] (<Turtle Entertainment>) -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2010-12-07 14:30:50 | 000,025,528 | ---- | C] (Turtle Entertainment GmbH) -- C:\Windows\SysNative\drivers\ESLvnic.sys
[2010-12-07 14:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\EslWire
[2010-12-07 14:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ESL Wire
[2010-12-07 14:15:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010-12-07 14:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010-12-07 14:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010-12-07 14:14:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010-12-07 14:14:21 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Adobe
[2010-12-07 14:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010-12-05 12:25:33 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Microsoft Games
[2010-12-02 15:34:30 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Ahead
[2010-12-02 15:28:05 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Ahead
[2010-12-02 15:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2010-12-02 15:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010-12-02 15:25:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010-12-02 15:25:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2010-12-01 14:27:48 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Rockstar Games
[2010-11-22 15:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-11-22 15:53:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-11-22 15:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010-11-21 20:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010-11-21 20:25:44 | 000,000,000 | ---D | C] -- C:\Users\teq\Documents\TrackMania
[2010-11-15 21:26:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-11-15 20:21:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2010-11-15 20:05:31 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2010-11-15 16:05:41 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Diagnostics
[2010-11-15 15:59:01 | 000,347,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2010-11-15 15:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-11-15 15:57:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010-11-15 15:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2010-11-15 15:19:25 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Ventrilo
[2010-11-15 14:40:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010-11-15 14:40:30 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010-11-15 14:40:30 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010-11-15 14:40:30 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010-11-15 14:40:30 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010-11-15 14:40:27 | 006,430,208 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RAVCpl64.exe
[2010-11-15 14:40:27 | 000,245,248 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010-11-15 14:40:27 | 000,160,768 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\FMAPO64.dll
[2010-11-15 14:40:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010-11-15 14:40:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010-11-15 14:40:08 | 000,146,528 | ---- | C] (DeviceVM Inc.) -- C:\Windows\SysWow64\dvmurl.dll
[2010-11-15 14:40:07 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-11-15 14:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browser Configuration Utility
[2010-11-15 13:54:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2010-11-14 19:13:45 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\skypePM
[2010-11-14 19:11:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010-11-14 19:11:26 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Skype
[2010-11-14 19:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010-11-14 19:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010-11-14 16:10:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2010-11-14 16:09:15 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\DAEMON Tools Lite
[2010-11-14 16:09:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010-11-14 15:54:00 | 000,000,000 | ---D | C] -- C:\AMD
[2010-11-14 15:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Stream
[2010-11-14 15:53:39 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\ATI
[2010-11-14 15:53:39 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\ATI
[2010-11-14 15:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-11-14 15:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010-11-14 15:52:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2010-11-14 15:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2010-11-14 15:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010-11-14 15:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-11-14 15:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-11-14 15:33:36 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Gadu-Gadu 10
[2010-11-14 15:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010-11-14 15:25:49 | 000,000,000 | ---D | C] -- C:\ATI
[2010-11-14 15:24:33 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\ipla
[2010-11-14 15:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2010-11-14 15:24:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ipla
[2010-11-14 15:05:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2010-11-14 15:04:59 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-11-14 14:53:39 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Macromedia
[2010-11-14 14:53:38 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Adobe
[2010-11-14 14:52:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010-11-14 14:09:25 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Mozilla
[2010-11-14 14:09:25 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Mozilla
[2010-11-14 14:09:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010-11-14 14:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010-11-14 13:57:40 | 000,000,000 | R--D | C] -- C:\Users\teq\Searches
[2010-11-14 13:57:32 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Identities
[2010-11-14 13:57:30 | 000,000,000 | R--D | C] -- C:\Users\teq\Contacts
[2010-11-14 13:57:29 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\VirtualStore
[2010-11-14 13:57:23 | 000,000,000 | --SD | C] -- C:\Users\teq\AppData\Roaming\Microsoft
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Videos
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Saved Games
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Pictures
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Music
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Links
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Favorites
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Downloads
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Documents
[2010-11-14 13:57:23 | 000,000,000 | R--D | C] -- C:\Users\teq\Desktop
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Ustawienia lokalne
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\AppData\Local\Temporary Internet Files
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Szablony
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\SendTo
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Recent
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\PrintHood
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\NetHood
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Documents\Moje wideo
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Documents\Moje obrazy
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Moje dokumenty
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Documents\Moja muzyka
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Menu Start
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\AppData\Local\Historia
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Dane aplikacji
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\AppData\Local\Dane aplikacji
[2010-11-14 13:57:23 | 000,000,000 | -HSD | C] -- C:\Users\teq\Cookies
[2010-11-14 13:57:23 | 000,000,000 | -H-D | C] -- C:\Users\teq\AppData
[2010-11-14 13:57:23 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Temp
[2010-11-14 13:57:23 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Local\Microsoft
[2010-11-14 13:57:23 | 000,000,000 | ---D | C] -- C:\Users\teq\AppData\Roaming\Media Center Programs
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010-11-14 13:56:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2010-11-14 13:51:56 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-11-14 13:49:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010-11-14 13:49:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010-11-14 13:48:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-11-14 13:48:07 | 000,000,000 | -HSD | C] -- C:\Boot
[2010-11-14 13:47:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM
[2010-11-09 22:20:56 | 000,382,032 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-22 10:50:08 | 001,835,008 | -HS- | M] () -- C:\Users\teq\NTUSER.DAT
[2010-12-22 10:44:45 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-12-22 10:44:45 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-12-22 10:37:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-12-22 10:37:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-12-22 10:37:05 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2010-12-22 10:36:05 | 002,350,210 | -H-- | M] () -- C:\Users\teq\AppData\Local\IconCache.db
[2010-12-22 10:12:08 | 000,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-12-22 10:05:44 | 102,298,878 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010-12-22 10:04:31 | 000,000,456 | ---- | M] () -- C:\Users\teq\Desktop\Call of Duty® World at War.lnk
[2010-12-21 22:01:32 | 000,000,632 | ---- | M] () -- C:\Users\teq\Desktop\Total Commander.lnk
[2010-12-21 21:27:27 | 000,000,048 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-12-21 21:07:14 | 000,682,280 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010-12-21 18:49:06 | 000,002,008 | ---- | M] () -- C:\Users\teq\Desktop\Gamma Control.lnk
[2010-12-20 21:55:26 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010-12-20 16:07:41 | 000,274,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-12-19 22:07:29 | 000,001,181 | ---- | M] () -- C:\Users\teq\Desktop\AVG PC Tuneup 2011.lnk
[2010-12-19 20:39:28 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010-12-19 20:39:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010-12-19 20:39:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010-12-19 18:13:55 | 000,002,304 | ---- | M] () -- C:\Users\teq\Desktop\Google Chrome.lnk
[2010-12-17 07:56:10 | 000,000,545 | ---- | M] () -- C:\Windows\UC.PIF
[2010-12-17 07:56:10 | 000,000,545 | ---- | M] () -- C:\Windows\RAR.PIF
[2010-12-17 07:56:10 | 000,000,545 | ---- | M] () -- C:\Windows\PKZIP.PIF
[2010-12-17 07:56:10 | 000,000,545 | ---- | M] () -- C:\Windows\PKUNZIP.PIF
[2010-12-17 07:56:10 | 000,000,545 | ---- | M] () -- C:\Windows\NOCLOSE.PIF
[2010-12-17 07:56:10 | 000,000,545 | ---- | M] () -- C:\Windows\LHA.PIF
[2010-12-17 07:56:10 | 000,000,545 | ---- | M] () -- C:\Windows\ARJ.PIF
[2010-12-10 20:46:11 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-12-10 20:46:11 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-12-10 20:46:11 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-12-10 20:46:11 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-12-10 20:46:11 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-12-10 19:53:18 | 000,000,692 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010-12-10 15:34:10 | 000,000,716 | ---- | M] () -- C:\Users\teq\Desktop\HLTooLz.LNK
[2010-12-09 19:52:20 | 000,000,789 | ---- | M] () -- C:\Users\teq\Desktop\Any Video Converter.lnk
[2010-12-09 19:49:23 | 000,003,584 | ---- | M] () -- C:\Users\teq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-08 19:31:16 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-12-08 18:48:52 | 000,000,779 | ---- | M] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2010-12-07 21:52:48 | 000,001,023 | ---- | M] () -- C:\Users\teq\Desktop\ALLPlayer V4.5.lnk
[2010-12-07 14:49:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010-12-07 14:15:47 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader.lnk
[2010-12-06 10:17:24 | 000,169,656 | ---- | M] (<Turtle Entertainment>) -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2010-12-05 12:17:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-12-02 15:33:55 | 000,002,770 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-11-29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-11-29 14:14:55 | 000,000,693 | ---- | M] () -- C:\Users\teq\Desktop\Battlefield 1942.lnk
[2010-11-26 10:11:08 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) -- C:\Windows\SysNative\drivers\ESLvnic.sys
[2010-11-25 18:29:11 | 000,000,535 | ---- | M] () -- C:\Windows\eReg.dat
[2010-11-21 14:07:48 | 000,000,205 | ---- | M] () -- C:\Users\teq\Desktop\TrackMania Nations Forever.url
[2010-11-15 21:34:22 | 000,000,017 | ---- | M] () -- C:\Users\teq\AppData\Local\resmon.resmoncfg
[2010-11-15 21:26:06 | 307,027,071 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010-11-15 21:15:33 | 000,000,905 | ---- | M] () -- C:\Users\teq\Desktop\Shaiya.lnk
[2010-11-15 20:07:46 | 000,000,769 | ---- | M] () -- C:\Users\teq\Desktop\EVEREST Home Edition.lnk
[2010-11-15 20:05:31 | 000,000,741 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010-11-15 16:07:40 | 000,000,222 | ---- | M] () -- C:\Users\teq\Desktop\Counter-Strike.url
[2010-11-15 15:29:40 | 000,000,414 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010-11-15 15:01:16 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2010-11-14 19:11:26 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-11-14 16:10:01 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-11-14 16:09:44 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-11-14 15:36:31 | 000,001,107 | ---- | M] () -- C:\Users\teq\Desktop\Ventrilo.lnk
[2010-11-14 15:31:48 | 000,001,071 | ---- | M] () -- C:\Users\teq\Desktop\WinRAR.lnk
[2010-11-14 15:24:33 | 000,057,560 | ---- | M] () -- C:\Users\teq\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-11-14 15:24:32 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\ipla.lnk
[2010-11-14 15:05:58 | 000,000,712 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2010-11-14 15:02:41 | 000,000,203 | ---- | M] () -- C:\Users\teq\Desktop\Counter-Strike Source.url
[2010-11-14 14:09:23 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-11-14 14:04:01 | 000,000,901 | ---- | M] () -- C:\Users\teq\Desktop\Steam.lnk
[2010-11-14 13:57:47 | 000,524,288 | -HS- | M] () -- C:\Users\teq\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-11-14 13:57:47 | 000,524,288 | -HS- | M] () -- C:\Users\teq\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-11-14 13:57:47 | 000,065,536 | -HS- | M] () -- C:\Users\teq\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-11-14 13:57:23 | 000,000,020 | -HS- | M] () -- C:\Users\teq\ntuser.ini
[2010-11-14 13:57:11 | 000,171,136 | RHS- | M] () -- C:\W7LDR
[2010-11-14 13:53:35 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010-11-14 13:53:35 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010-11-14 13:51:37 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010-11-14 13:48:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-11-09 22:20:56 | 000,382,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-12-22 10:05:44 | 102,298,878 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010-12-22 10:04:31 | 000,000,456 | ---- | C] () -- C:\Users\teq\Desktop\Call of Duty® World at War.lnk
[2010-12-21 22:01:32 | 000,000,632 | ---- | C] () -- C:\Users\teq\Desktop\Total Commander.lnk
[2010-12-21 22:01:30 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010-12-21 22:01:30 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010-12-21 22:01:30 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010-12-21 22:01:30 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010-12-21 22:01:30 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010-12-21 22:01:30 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010-12-21 22:01:30 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2010-12-21 21:27:27 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-12-21 18:49:06 | 000,002,008 | ---- | C] () -- C:\Users\teq\Desktop\Gamma Control.lnk
[2010-12-20 21:55:29 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-12-20 21:55:26 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010-12-20 21:55:26 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010-12-19 22:36:15 | 002,350,210 | -H-- | C] () -- C:\Users\teq\AppData\Local\IconCache.db
[2010-12-19 22:07:29 | 000,001,181 | ---- | C] () -- C:\Users\teq\Desktop\AVG PC Tuneup 2011.lnk
[2010-12-19 20:39:28 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010-12-19 20:39:20 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010-12-19 20:39:20 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010-12-19 18:13:55 | 000,002,304 | ---- | C] () -- C:\Users\teq\Desktop\Google Chrome.lnk
[2010-12-10 19:53:18 | 000,000,692 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010-12-10 15:34:10 | 000,000,716 | ---- | C] () -- C:\Users\teq\Desktop\HLTooLz.LNK
[2010-12-09 19:52:20 | 000,000,789 | ---- | C] () -- C:\Users\teq\Desktop\Any Video Converter.lnk
[2010-12-09 19:49:23 | 000,003,584 | ---- | C] () -- C:\Users\teq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-09 19:48:57 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-12-08 19:31:16 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-12-07 21:52:48 | 000,001,023 | ---- | C] () -- C:\Users\teq\Desktop\ALLPlayer V4.5.lnk
[2010-12-07 21:52:45 | 000,797,184 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax
[2010-12-07 21:52:45 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-12-07 21:52:45 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2010-12-07 14:49:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010-12-07 14:30:54 | 000,000,779 | ---- | C] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2010-12-07 14:15:47 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader.lnk
[2010-12-05 12:17:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-12-02 15:33:55 | 000,002,770 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2010-11-29 14:14:55 | 000,000,693 | ---- | C] () -- C:\Users\teq\Desktop\Battlefield 1942.lnk
[2010-11-25 18:29:11 | 000,000,535 | ---- | C] () -- C:\Windows\eReg.dat
[2010-11-21 14:07:48 | 000,000,205 | ---- | C] () -- C:\Users\teq\Desktop\TrackMania Nations Forever.url
[2010-11-15 21:34:22 | 000,000,017 | ---- | C] () -- C:\Users\teq\AppData\Local\resmon.resmoncfg
[2010-11-15 21:26:06 | 307,027,071 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010-11-15 21:15:33 | 000,000,905 | ---- | C] () -- C:\Users\teq\Desktop\Shaiya.lnk
[2010-11-15 20:07:46 | 000,000,769 | ---- | C] () -- C:\Users\teq\Desktop\EVEREST Home Edition.lnk
[2010-11-15 20:05:31 | 000,000,741 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010-11-15 15:59:01 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2010-11-15 15:29:40 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010-11-15 14:40:57 | 000,000,553 | R--- | C] () -- C:\Windows\USetup.iss
[2010-11-15 14:40:29 | 000,666,112 | ---- | C] () -- C:\Windows\SysNative\RTCOM64.dll
[2010-11-15 14:39:33 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010-11-14 19:11:26 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-11-14 16:10:01 | 000,000,853 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-11-14 16:09:44 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010-11-14 15:36:31 | 000,001,107 | ---- | C] () -- C:\Users\teq\Desktop\Ventrilo.lnk
[2010-11-14 15:31:48 | 000,001,071 | ---- | C] () -- C:\Users\teq\Desktop\WinRAR.lnk
[2010-11-14 15:24:33 | 000,057,560 | ---- | C] () -- C:\Users\teq\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-11-14 15:24:32 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\ipla.lnk
[2010-11-14 15:05:58 | 000,000,712 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2010-11-14 15:02:41 | 000,000,203 | ---- | C] () -- C:\Users\teq\Desktop\Counter-Strike Source.url
[2010-11-14 15:02:34 | 000,000,222 | ---- | C] () -- C:\Users\teq\Desktop\Counter-Strike.url
[2010-11-14 14:09:23 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-11-14 14:04:01 | 000,000,901 | ---- | C] () -- C:\Users\teq\Desktop\Steam.lnk
[2010-11-14 13:57:23 | 000,524,288 | -HS- | C] () -- C:\Users\teq\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-11-14 13:57:23 | 000,524,288 | -HS- | C] () -- C:\Users\teq\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-11-14 13:57:23 | 000,262,144 | -HS- | C] () -- C:\Users\teq\ntuser.dat.LOG1
[2010-11-14 13:57:23 | 000,065,536 | -HS- | C] () -- C:\Users\teq\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-11-14 13:57:23 | 000,000,020 | -HS- | C] () -- C:\Users\teq\ntuser.ini
[2010-11-14 13:57:23 | 000,000,000 | -HS- | C] () -- C:\Users\teq\ntuser.dat.LOG2
[2010-11-14 13:57:22 | 001,835,008 | -HS- | C] () -- C:\Users\teq\NTUSER.DAT
[2010-11-14 13:57:11 | 000,171,136 | RHS- | C] () -- C:\W7LDR
[2010-11-14 13:51:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-11-14 13:49:08 | 3220,037,632 | -HS- | C] () -- C:\hiberfil.sys
[2010-11-14 13:48:08 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010-11-14 13:48:07 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2009-07-14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009-07-14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009-07-14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009-07-14 03:34:57 | 000,000,403 | ---- | C] () -- C:\Windows\win.ini
[2009-07-14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-12-09 19:52:08 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\AnvSoft
[2010-12-19 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\AVG
[2010-12-19 20:41:31 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\AVG10
[2010-12-14 19:48:07 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\BESTplayer
[2010-11-25 18:01:09 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\DAEMON Tools Lite
[2010-12-19 17:10:25 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\Gadu-Gadu 10
[2010-12-21 22:01:30 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\GHISLER
[2010-11-14 15:24:56 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\ipla
[2010-12-21 20:35:35 | 000,000,000 | ---D | M] -- C:\Users\teq\AppData\Roaming\uTorrent
[2010-12-22 10:28:15 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-07-14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010-11-14 13:48:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-11-15 15:01:38 | 000,000,010 | ---- | M] () -- C:\csb.log
[2010-12-22 10:37:05 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2010-12-22 10:37:05 | 4293,386,240 | -HS- | M] () -- C:\pagefile.sys
[2010-11-15 14:40:57 | 000,000,703 | ---- | M] () -- C:\RHDSetup.log
[2010-11-14 13:57:11 | 000,171,136 | RHS- | M] () -- C:\W7LDR


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< End of report >[/log]

[log]OTL Extras logfile created on: 2010-12-22 10:48:55 - Run 2
OTL by OldTimer - Version 3.2.17.4 Folder = C:\Users\teq\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,60 Gb Total Space | 12,81 Gb Free Space | 21,85% Space Free | Partition Type: NTFS
Drive D: | 119,36 Gb Total Space | 83,62 Gb Free Space | 70,06% Space Free | Partition Type: NTFS
Drive E: | 120,13 Gb Total Space | 97,78 Gb Free Space | 81,39% Space Free | Partition Type: NTFS

Computer Name: TEQ-PC | User Name: teq | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{24BEFDE1-A699-4139-B61B-B1102FDE7279}" = AVG 2011
"{34BD24DF-3B6F-8661-D4F0-0EBCACA2C834}" = ccc-utility64
"{4B0748C5-2E63-B954-8C3F-71918C599800}" = WMV9/VC-1 Video Playback
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}" = ATI Stream SDK v2 Developer
"{8FCBB6DA-069C-8D08-DD99-F0881B9EECC3}" = AMD Drag and Drop Transcoding
"{CACBDC26-D504-49ED-3FEC-0CDDB3700240}" = ATI Catalyst Install Manager
"{E4C703FE-7F5C-475D-9458-8E2FD7110790}" = AVG 2011
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"AVG" = AVG 2011
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"ESL Wire_is1" = ESL Wire 1.9.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1DE1B0F3-5897-4C66-BA18-F8A9E95FAE5C}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D481F91-44BA-F0FE-CD07-8B3429A2A821}" = Catalyst Control Center Graphics Previews Common
"{4E4F8163-9889-4BAB-B2E7-DBAAE248C1EB}" = LG Android Driver
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{543A0462-62A8-59CA-8EA7-B2173DA96DAC}" = CCC Help English
"{54862F37-FB81-FDD7-0E47-8E01858213FD}" = Application Profiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5809A31C-32FB-35CA-E1D2-0B898119E15F}" = Catalyst Control Center InstallProxy
"{66EBD70F-A42C-475F-AEDF-277378151045}" = Nero 7 Essentials
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{6F868980-FF49-011B-2C95-409F199B9C19}" = Catalyst Control Center Graphics Previews Vista
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Any Video Converter_is1" = Any Video Converter 3.1.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"ipla" = ipla 2.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"ST6UNST #1" = HLTooLz
"ST6UNST #2" = HLTooLz (D:\Program Files (x86)\HLTooLz\)
"Steam App 11020" = TrackMania Nations Forever
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-12-19 15:40:36 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-19 17:39:01 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-19 17:39:01 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-19 18:01:09 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-20 02:09:51 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-20 09:35:59 | Computer Name = teq-PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "D:\Gry\GTAIV\GTA\Grand
Theft Auto IV\GTAIV.exe". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2010-12-20 15:58:42 | Computer Name = teq-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 2010-12-20 16:32:43 | Computer Name = teq-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CoDWaW.exe, wersja: 1.0.0.1, sygnatura
czasowa: 0x48f00000 Nazwa modułu powodującego błąd: CoDWaW.exe, wersja: 1.0.0.1,
sygnatura czasowa: 0x48f00000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x001b1807
Identyfikator
procesu powodującego błąd: 0x534 Godzina uruchomienia aplikacji powodującej błąd:
0x01cba084bdfadca0 Ścieżka aplikacji powodującej błąd: D:\Gry\Call of Duty - World
at War\CoDWaW.exe Ścieżka modułu powodującego błąd: D:\Gry\Call of Duty - World
at War\CoDWaW.exe Identyfikator raportu: 4b6cdc4e-0c78-11e0-a20c-00ff01000001

Error - 2010-12-20 16:34:24 | Computer Name = teq-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CoDWaW.exe, wersja: 1.0.0.1, sygnatura
czasowa: 0x48f00000 Nazwa modułu powodującego błąd: CoDWaW.exe, wersja: 1.0.0.1,
sygnatura czasowa: 0x48f00000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x001b1807
Identyfikator
procesu powodującego błąd: 0x8e4 Godzina uruchomienia aplikacji powodującej błąd:
0x01cba085346f51d6 Ścieżka aplikacji powodującej błąd: D:\Gry\Call of Duty - World
at War\CoDWaW.exe Ścieżka modułu powodującego błąd: D:\Gry\Call of Duty - World
at War\CoDWaW.exe Identyfikator raportu: 879c8a89-0c78-11e0-a20c-00ff01000001

Error - 2010-12-21 14:04:32 | Computer Name = teq-PC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CoDWaW.exe, wersja: 1.0.0.1, sygnatura
czasowa: 0x48f00000 Nazwa modułu powodującego błąd: CoDWaW.exe, wersja: 1.0.0.1,
sygnatura czasowa: 0x48f00000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x001b1807
Identyfikator
procesu powodującego błąd: 0x13c0 Godzina uruchomienia aplikacji powodującej błąd:
0x01cba139734655e0 Ścieżka aplikacji powodującej błąd: D:\Gry\Call of Duty - World
at War\CoDWaW.exe Ścieżka modułu powodującego błąd: D:\Gry\Call of Duty - World
at War\CoDWaW.exe Identyfikator raportu: c29b3394-0d2c-11e0-8384-00ff01000001

[ Media Center Events ]
Error - 2010-11-28 14:04:59 | Computer Name = teq-PC | Source = MCUpdate | ID = 0
Description = 19:04:59 - Błąd podczas nawiązywania połączenia z Internetem. 19:04:59
- Nie można skontaktować się z serwerem..

Error - 2010-11-28 14:06:12 | Computer Name = teq-PC | Source = MCUpdate | ID = 0
Description = 19:06:12 - Błąd podczas nawiązywania połączenia z Internetem. 19:06:12
- Nie można skontaktować się z serwerem..

Error - 2010-12-01 09:01:29 | Computer Name = teq-PC | Source = MCUpdate | ID = 0
Description = 14:01:29 - Błąd podczas nawiązywania połączenia z Internetem. 14:01:29
- Nie można skontaktować się z serwerem..

[ System Events ]
Error - 2010-12-22 05:26:39 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7031
Description = Usługa Zasilanie niespodziewanie zakończyła pracę. Wystąpiło to razy:
1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom ponownie komputer.

Error - 2010-12-22 05:26:39 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7032
Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom
ponownie komputer) po nieoczekiwanym zakończeniu usługi Plug and Play, ale ta akcja
nie powiodła się przy następującym błędzie: %%1190.

Error - 2010-12-22 05:26:39 | Computer Name = teq-PC | Source = Service Control Manager | ID = 7032
Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom
ponownie komputer) po nieoczekiwanym zakończeniu usługi Program uruchamiający proces
serwera DCOM, ale ta akcja nie powiodła się przy następującym błędzie: %%1190.

Error - 2010-12-22 05:28:09 | Computer Name = teq-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 10:26:39 na 2010-12-22 było
nieoczekiwane.

Error - 2010-12-22 05:29:04 | Computer Name = teq-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2010-12-22 05:29:04 | Computer Name = teq-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2010-12-22 05:34:19 | Computer Name = teq-PC | Source = bowser | ID = 8003
Description =

Error - 2010-12-22 05:38:11 | Computer Name = teq-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2010-12-22 05:38:11 | Computer Name = teq-PC | Source = WMPNetworkSvc | ID = 866306
Description =

Error - 2010-12-22 05:48:54 | Computer Name = teq-PC | Source = bowser | ID = 8003
Description =


< End of report >[/log]

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by teq at 2010-12-22 10:56:49
Microsoft Windows 7 Ultimate
System drive C: has 13 GB (22%) free of 60 GB
Total RAM: 4094 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:52, on 2010-12-22
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
D:\Gry\Steam\steam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\teq\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\teq.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [Steam] "D:\Gry\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6996 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-10 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2010-11-04 2731360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2010-10-22 2745696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Gry\Steam\steam.exe [2010-11-17 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-22 10:35:39 ----D---- C:\_OTL
2010-12-21 23:21:38 ----D---- C:\Windows\Sun
2010-12-21 22:01:30 ----D---- C:\Users\teq\AppData\Roaming\GHISLER
2010-12-21 22:01:30 ----D---- C:\totalcmd
2010-12-21 22:01:30 ----A---- C:\Windows\UC.PIF
2010-12-21 22:01:30 ----A---- C:\Windows\RAR.PIF
2010-12-21 22:01:30 ----A---- C:\Windows\PKZIP.PIF
2010-12-21 22:01:30 ----A---- C:\Windows\PKUNZIP.PIF
2010-12-21 22:01:30 ----A---- C:\Windows\NOCLOSE.PIF
2010-12-21 22:01:30 ----A---- C:\Windows\LHA.PIF
2010-12-21 22:01:30 ----A---- C:\Windows\ARJ.PIF
2010-12-20 22:32:48 ----A---- C:\Windows\SysWOW64\javaws.exe
2010-12-20 22:32:48 ----A---- C:\Windows\SysWOW64\javaw.exe
2010-12-20 22:32:48 ----A---- C:\Windows\SysWOW64\java.exe
2010-12-20 21:55:29 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
2010-12-20 21:55:26 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe
2010-12-20 21:55:26 ----A---- C:\Windows\SysWOW64\pbsvc.exe
2010-12-20 21:27:43 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2010-12-20 21:27:43 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2010-12-20 21:27:42 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2010-12-20 21:27:41 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2010-12-20 21:27:40 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2010-12-20 21:27:40 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2010-12-20 21:27:39 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2010-12-20 21:27:38 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2010-12-20 21:27:37 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2010-12-20 21:27:36 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2010-12-20 21:27:34 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2010-12-20 21:27:34 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2010-12-20 21:27:34 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2010-12-20 21:27:33 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2010-12-20 21:27:32 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2010-12-20 21:27:32 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2010-12-20 21:27:31 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2010-12-20 21:27:30 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2010-12-20 21:27:29 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2010-12-20 21:27:29 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2010-12-20 21:27:29 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2010-12-20 21:27:28 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2010-12-20 21:27:28 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2010-12-20 21:27:27 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2010-12-20 21:27:27 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2010-12-20 21:27:26 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2010-12-20 21:27:26 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2010-12-20 21:27:25 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2010-12-20 21:27:25 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2010-12-20 21:27:25 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2010-12-20 21:27:24 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2010-12-20 21:27:23 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2010-12-20 21:27:22 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2010-12-20 21:27:22 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2010-12-20 21:27:21 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2010-12-20 21:27:21 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2010-12-20 21:27:21 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2010-12-20 21:27:19 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2010-12-20 21:27:19 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2010-12-20 21:27:18 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2010-12-20 21:27:18 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2010-12-20 21:27:17 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2010-12-20 21:27:08 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2010-12-20 21:27:08 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2010-12-20 21:27:08 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2010-12-20 21:27:06 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2010-12-20 21:27:06 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2010-12-20 21:08:45 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2010-12-20 21:08:44 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2010-12-20 17:09:10 ----D---- C:\rsit
2010-12-20 17:09:10 ----D---- C:\Program Files (x86)\trend micro
2010-12-20 16:48:50 ----D---- C:\Program Files (x86)\HiJack
2010-12-20 15:53:50 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2010-12-20 15:48:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\mscoree.dll
2010-12-20 15:46:04 ----A---- C:\Windows\SysWOW64\dfshim.dll
2010-12-20 15:37:17 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2010-12-20 15:37:12 ----A---- C:\Windows\SysWOW64\secur32.dll
2010-12-20 15:37:11 ----A---- C:\Windows\SysWOW64\sspicli.dll
2010-12-20 15:37:09 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-12-20 15:36:59 ----A---- C:\Windows\SysWOW64\shell32.dll
2010-12-20 15:36:42 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-12-20 15:36:41 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-12-20 15:36:41 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-12-20 15:36:40 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-12-20 15:36:39 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-12-20 15:36:39 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-12-20 15:36:39 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-12-20 15:36:38 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-12-20 15:36:35 ----A---- C:\Windows\SysWOW64\comctl32.dll
2010-12-20 15:36:32 ----A---- C:\Windows\SysWOW64\cabview.dll
2010-12-20 15:36:28 ----A---- C:\Windows\SysWOW64\wmp.dll
2010-12-20 15:36:27 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2010-12-20 15:36:19 ----A---- C:\Windows\SysWOW64\explorer.exe
2010-12-20 15:36:19 ----A---- C:\Windows\explorer.exe
2010-12-20 15:36:16 ----A---- C:\Windows\SysWOW64\taskschd.dll
2010-12-20 15:36:16 ----A---- C:\Windows\SysWOW64\taskeng.exe
2010-12-20 15:36:16 ----A---- C:\Windows\SysWOW64\taskcomp.dll
2010-12-20 15:36:16 ----A---- C:\Windows\SysWOW64\schtasks.exe
2010-12-20 15:36:13 ----A---- C:\Windows\SysWOW64\ole32.dll
2010-12-20 15:36:11 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2010-12-20 15:36:11 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2010-12-20 15:36:09 ----A---- C:\Windows\SysWOW64\atmlib.dll
2010-12-20 15:36:09 ----A---- C:\Windows\SysWOW64\atmfd.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\quartz.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\msyuv.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\msrle32.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2010-12-20 15:36:06 ----A---- C:\Windows\SysWOW64\avifil32.dll
2010-12-20 15:36:03 ----A---- C:\Windows\SysWOW64\schannel.dll
2010-12-20 15:36:01 ----A---- C:\Windows\SysWOW64\jscript.dll
2010-12-20 15:36:00 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-12-20 15:35:59 ----A---- C:\Windows\SysWOW64\msxml3.dll
2010-12-20 15:35:58 ----A---- C:\Windows\SysWOW64\wmpmde.dll
2010-12-20 15:35:57 ----A---- C:\Windows\SysWOW64\fontsub.dll
2010-12-20 15:35:55 ----A---- C:\Windows\SysWOW64\webio.dll
2010-12-20 15:35:54 ----A---- C:\Windows\SysWOW64\iccvid.dll
2010-12-20 15:35:53 ----A---- C:\Windows\SysWOW64\t2embed.dll
2010-12-20 15:35:52 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2010-12-20 15:35:48 ----A---- C:\Windows\SysWOW64\vbscript.dll
2010-12-20 15:35:47 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2010-12-20 15:35:46 ----A---- C:\Windows\SysWOW64\wintrust.dll
2010-12-20 15:35:43 ----A---- C:\Windows\SysWOW64\rtutils.dll
2010-12-20 15:35:28 ----A---- C:\Windows\SysWOW64\sscore.dll
2010-12-20 15:35:16 ----A---- C:\Windows\SysWOW64\mfc40u.dll
2010-12-20 15:35:16 ----A---- C:\Windows\SysWOW64\mfc40.dll
2010-12-20 15:35:09 ----A---- C:\Windows\SysWOW64\msasn1.dll
2010-12-19 23:00:08 ----D---- C:\Users\teq\AppData\Roaming\Malwarebytes
2010-12-19 23:00:02 ----D---- C:\ProgramData\Malwarebytes
2010-12-19 23:00:02 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
2010-12-19 22:59:59 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-19 22:08:29 ----D---- C:\Users\teq\AppData\Roaming\AVG
2010-12-19 22:07:37 ----AD---- C:\ProgramData\TEMP
2010-12-19 20:41:31 ----D---- C:\Users\teq\AppData\Roaming\AVG10
2010-12-19 20:39:43 ----HD---- C:\ProgramData\Common Files
2010-12-19 20:39:20 ----D---- C:\Windows\SysWOW64\drivers\AVG
2010-12-19 20:38:27 ----D---- C:\ProgramData\AVG10
2010-12-19 20:35:26 ----D---- C:\Program Files (x86)\AVG
2010-12-19 20:34:00 ----D---- C:\ProgramData\MFAData
2010-12-19 18:51:10 ----A---- C:\Windows\ntbtlog.txt
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\rmoc3260.dll
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\pndx5032.dll
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\pndx5016.dll
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\pncrt.dll
2010-12-14 19:58:17 ----A---- C:\Windows\SysWOW64\msvcp71.dll
2010-12-14 19:58:16 ----D---- C:\Program Files (x86)\Real Alternative
2010-12-14 19:55:04 ----D---- C:\Users\teq\AppData\Roaming\Media Player Classic
2010-12-14 19:47:22 ----D---- C:\Users\teq\AppData\Roaming\BESTplayer
2010-12-10 19:53:17 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2010-12-10 19:53:17 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2010-12-10 19:52:43 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-12-10 19:52:41 ----D---- C:\Users\teq\AppData\Roaming\Winamp
2010-12-09 19:52:08 ----D---- C:\Users\teq\AppData\Roaming\AnvSoft
2010-12-09 19:48:57 ----A---- C:\Windows\SysWOW64\xvidvfw.dll
2010-12-08 19:31:16 ----D---- C:\Program Files (x86)\uTorrent
2010-12-08 19:27:25 ----D---- C:\Users\teq\AppData\Roaming\uTorrent
2010-12-08 18:50:23 ----D---- C:\Windows\pss
2010-12-07 21:52:45 ----D---- C:\ProgramData\ALLPlayer
2010-12-07 21:52:45 ----A---- C:\Windows\SysWOW64\xvidcore.dll
2010-12-07 21:52:45 ----A---- C:\Windows\SysWOW64\libFLAC.dll
2010-12-07 21:52:39 ----D---- C:\Program Files (x86)\ALLPlayer
2010-12-07 14:49:35 ----D---- C:\ProgramData\Alwil Software
2010-12-07 14:30:50 ----D---- C:\ProgramData\ESL Wire
2010-12-07 14:15:42 ----D---- C:\Program Files (x86)\Common Files\Adobe
2010-12-07 14:14:27 ----D---- C:\ProgramData\Adobe
2010-12-07 14:14:26 ----D---- C:\Program Files (x86)\Adobe
2010-12-07 14:14:25 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2010-12-07 14:13:51 ----D---- C:\ProgramData\McAfee
2010-12-02 15:28:05 ----D---- C:\Users\teq\AppData\Roaming\Ahead
2010-12-02 15:27:57 ----D---- C:\ProgramData\Ahead
2010-12-02 15:25:45 ----D---- C:\ProgramData\Nero
2010-12-02 15:25:45 ----D---- C:\Program Files (x86)\Nero
2010-12-02 15:25:45 ----D---- C:\Program Files (x86)\Common Files\Ahead
2010-12-02 15:24:43 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2010-12-02 15:24:43 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll

======List of files/folders modified in the last 1 months======

2010-12-22 10:38:02 ----D---- C:\Windows\Temp
2010-12-22 10:37:41 ----D---- C:\Windows\SysWOW64
2010-12-22 10:33:04 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2010-12-22 10:01:59 ----D---- C:\Windows\System32
2010-12-21 23:21:38 ----D---- C:\Windows
2010-12-21 23:21:16 ----D---- C:\Users\teq\AppData\Roaming\Skype
2010-12-21 21:27:27 ----HD---- C:\ProgramData
2010-12-21 21:27:10 ----D---- C:\Users\teq\AppData\Roaming\skypePM
2010-12-21 21:27:05 ----SHD---- C:\System Volume Information
2010-12-21 21:08:22 ----RSD---- C:\Windows\assembly
2010-12-21 21:07:14 ----SHD---- C:\Windows\Installer
2010-12-20 22:56:12 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-12-20 22:32:35 ----D---- C:\Program Files (x86)\Java
2010-12-20 21:27:12 ----D---- C:\Windows\Microsoft.NET
2010-12-20 21:08:46 ----D---- C:\Windows\Logs
2010-12-20 21:01:16 ----RD---- C:\Program Files (x86)
2010-12-20 16:08:44 ----D---- C:\Windows\Prefetch
2010-12-20 16:08:32 ----D---- C:\Windows\winsxs
2010-12-20 16:05:51 ----D---- C:\Windows\SysWOW64\pl-PL
2010-12-20 16:05:49 ----D---- C:\Windows\ehome
2010-12-20 16:05:48 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-20 16:05:44 ----D---- C:\Windows\inf
2010-12-20 16:05:44 ----D---- C:\Program Files (x86)\Windows Media Player
2010-12-20 16:05:43 ----D---- C:\Windows\SysWOW64\migration
2010-12-20 16:05:43 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-20 15:42:39 ----D---- C:\Windows\debug
2010-12-20 15:38:27 ----D---- C:\Windows\SoftwareDistribution
2010-12-20 15:17:44 ----D---- C:\Windows\Tasks
2010-12-19 23:00:07 ----D---- C:\Windows\SysWOW64\drivers
2010-12-19 22:08:51 ----D---- C:\Windows\Downloaded Program Files
2010-12-19 17:10:25 ----D---- C:\Users\teq\AppData\Roaming\Gadu-Gadu 10
2010-12-10 19:52:43 ----D---- C:\Program Files (x86)\Common Files
2010-12-10 18:44:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-10 15:33:45 ----N---- C:\Windows\Setup1.exe
2010-12-10 15:33:42 ----A---- C:\Windows\ST6UNST.EXE
2010-12-07 14:49:49 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-12-07 14:49:35 ----RD---- C:\Program Files
2010-12-07 14:22:18 ----SD---- C:\Users\teq\AppData\Roaming\Microsoft
2010-12-07 14:22:18 ----D---- C:\Users\teq\AppData\Roaming\Adobe
2010-12-05 14:11:08 ----SD---- C:\ProgramData\Microsoft
2010-12-01 14:32:01 ----D---- C:\ProgramData\TrackMania
2010-11-25 18:25:10 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-11-25 18:01:09 ----D---- C:\Users\teq\AppData\Roaming\DAEMON Tools Lite

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys []
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys []
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys []
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys []
R2 ESLWireAC;ESLWireAC; \??\C:\Windows\system32\drivers\ESLWireACD.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys []
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys []
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\Windows\system32\DRIVERS\ESLvnic.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
S3 a8b1mcws;a8b1mcws; C:\Windows\SysWOW64\drivers\a8b1mcws.sys []
S3 Andbus;LGE Android Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys []
S3 AndDiag;LGE Android USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys []
S3 AndGps;LGE Android USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys []
S3 ANDModem;LGE Android USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys []
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-11-15 20544]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RTL85n64;Sterownik urządzenia bezprzewodowego Realtek 8180/8185 Extensible 802.11; C:\Windows\system32\DRIVERS\RTL85n64.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-12-20 66872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-11-17 403240]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------[/log]
Malware, I removed the infected items :)
[log]Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Wersja bazy: 5358

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2010-12-22 11:35:04
mbam-log-2010-12-22 (11-35-04).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|)
Przeskanowano obiektów: 284070
Upłynęło: 34 minut(y), 52 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 4
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 6

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
e:\downloads\Rózne\battlefield_1942_no-cd_patch\bf1942_nocd.exe (Trojan.Bancos) -> Quarantined and deleted successfully.
e:\downloads\Rózne\guitar pro 5\guitar_pro_v5.1__cracked_\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
e:\downloads\Rózne\longjuyt2_up_by_mrcybuch\spolszczenie longjuyt2\metin_longjuyt2.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\downloads\Rózne\metin_longjuyt2_new!_up_by_mrcybuch\metin_longjuyt2.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
e:\downloads\Rózne\NX06_1\nowy folder\ventrilo-2.1.4-windows-i386.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
e:\RECYCLER\s-1-5-21-1229272821-839522115-725345543-1003\De5\a2uploader.exe (Spyware.PWS) -> Quarantined and deleted successfully.[/log]

I'll add DrWeb in a moment

I don't want to do a format :(( I guess there's nothing else left... I keep updating Windows but it's no use, the problem is still there and doesn't intend to go away

Tomek01
comment

Show me a screenshot from the program: [url="http://www.programosy.pl/program,process-monitor.html"][color="#0000FF"][b]Process Monitor[/b][/color][/url]

[code]
:Processes
Explorer.exe

:OTL
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)

:Files
C:\Program Files (x86)\DAEMON Tools Toolbar

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

RunFix...
A set of logs.
