neirol, posted 6 August 2011

Hello, this problem has been discussed since the dawn of time; I have read plenty of threads with advice, solutions, etc., but none of it really helps. And, as you know, the causes are often very different, and I can't read HijackThis or ComboFix logs, so I'm writing to you in hope. In my case I have already formatted the computer several times; it always helped for a week or two, after which everything slowed down terribly again: CPU at 70-100% when idle in high-performance mode (Athlon II Dual Core M-320 2x2.1 GHz processor, 4 GB RAM, MSI MS-1684 motherboard, Radeon HD 4200, Windows 7). In Task Manager the duplicated processes worry me (I know several svchost instances are normal, but see for yourselves: http://img217.imageshack.us/img217/884/menadzer.jpg ), and I haven't installed anything unnecessary. Earlier I thought it might be the fault of automatic updates, so after the last format I turned them off, but that didn't help. I cleaned up more or less by feel with ComboFix and HiJackThis (unwise, I know, but I'd lost my patience!) and also CCleaner: nothing. Posting the logs.
HiJackThis: [log] Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:19:50, on 2011-08-06 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe E:\Mysz\Amoumain.exe C:\Windows\System32\hale.exe C:\Windows\SysWOW64\cmd.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe E:\Avast\AvastUI.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe E:\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "E:\Avast\avastUI.exe" /nogui O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! 
Antivirus - AVAST Software - E:\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. 
- C:\Program Files\Tablet\Pen\Pen_TouchService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 4247 bytes [/log]
OTL (settings as in the thread http://www.forumpc.pl/index.php?showtopic=104338 ):
[log] OTL logfile created on: 2011-08-06 11:28:30 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = D:\Download 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,75 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 62,79% Memory free 7,50 Gb Paging File | 6,00 Gb Available in Paging File | 80,05% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 30,18 Gb Total Space | 13,03 Gb Free Space | 43,17% Space Free | Partition Type: NTFS Drive D: | 180,66 Gb Total Space | 19,61 Gb Free Space | 10,85% Space Free | Partition Type: NTFS Drive E: | 87,15 Gb Total Space | 41,79 Gb Free Space | 
47,95% Space Free | Partition Type: NTFS Computer Name: NEIROMPUTER | User Name: Neirol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - File not found -- PRC - [2011-08-06 11:26:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe PRC - [2011-07-09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- E:\Avast\AvastUI.exe PRC - [2009-07-14 03:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe PRC - [2009-07-14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe PRC - [2008-03-07 17:04:28 | 000,237,568 | ---- | M] () -- E:\Mysz\Amoumain.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-08-06 11:26:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- E:\Avast\snxhk.dll MOD - [2009-07-14 03:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | 
M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD 
- [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 03:11:24 | 000,096,768 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysWOW64\sspicli.dll MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2007-04-07 20:22:06 | 000,032,768 | ---- | M] () -- C:\Windows\SysWOW64\Amhooker.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-10-26 23:42:16 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:[b]64bit:[/b] - [2010-10-26 23:42:16 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) 
[Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:[b]64bit:[/b] - [2009-07-30 05:03:40 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011-07-26 14:18:30 | 000,075,064 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- E:\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-07-16 12:53:29 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2010-10-11 21:19:36 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:[b]64bit:[/b] - [2010-10-11 21:19:28 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2010-10-11 21:19:26 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) 
DRV:[b]64bit:[/b] - [2010-07-09 13:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134) DRV:[b]64bit:[/b] - [2009-07-30 15:11:22 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-06-10 22:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-05 16:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:[b]64bit:[/b] - [2009-04-28 12:33:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-04-28 12:33:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2008-02-13 17:20:16 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt) DRV:[b]64bit:[/b] - [2007-10-15 12:37:22 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-160874040-2124205273-324844842-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-160874040-2124205273-324844842-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Neirol\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Neirol\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) O1 HOSTS File: ([2011-07-27 13:06:23 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found O2 - BHO: (avast! 
WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [WheelMouse] E:\Mysz\Amoumain.exe () O4 - HKLM..\Run: [Chew7Hale] File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [WheelMouse] E:\Mysz\Amoumain.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-160874040-2124205273-324844842-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-160874040-2124205273-324844842-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group 
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group 
SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service 
[2011-07-22 01:11:15 | 000,004,608 | ---- | C] () -- C:\Users\Neirol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-21 23:55:07 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011-07-21 11:46:56 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempmn1416.html [2011-07-21 11:46:56 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempwY1416.html [2011-07-20 11:27:32 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYW3728.html [2011-07-20 11:27:32 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJl3728.html [2011-07-20 00:46:42 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempOm4232.html [2011-07-20 00:46:42 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempeE4232.html [2011-07-19 20:50:32 | 000,000,540 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2011-07-19 20:47:11 | 000,000,921 | ---- | C] () -- C:\Users\Neirol\Desktop\Soulseek.lnk [2011-07-19 20:45:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempPP1304.html [2011-07-19 20:03:08 | 000,000,508 | ---- | C] () -- C:\Users\Neirol\Desktop\Sieć.lnk [2011-07-19 12:58:00 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempFK4996.html [2011-07-19 12:58:00 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempLM4996.html [2011-07-19 12:56:47 | 000,000,941 | ---- | C] () -- C:\Users\Neirol\Desktop\GG.lnk [2011-07-19 12:51:49 | 002,169,856 | ---- | C] () -- C:\Windows\SysNative\hale.exe [2011-07-18 23:26:17 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempim3260.html [2011-07-18 23:26:17 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempql3260.html [2011-07-18 23:26:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2011-07-18 23:25:40 | 000,001,526 | ---- | C] () -- C:\Users\Neirol\Desktop\Google Chrome.lnk [2011-07-18 23:24:12 | 000,001,062 | ---- 
| C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job [2011-07-18 23:24:09 | 000,001,010 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job [2011-07-16 21:03:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011-07-16 13:51:29 | 000,000,662 | ---- | C] () -- C:\Users\Neirol\Desktop\Studia.lnk [2011-07-16 13:51:29 | 000,000,662 | ---- | C] () -- C:\Users\Neirol\Desktop\Muzyka.lnk [2011-07-16 13:51:29 | 000,000,651 | ---- | C] () -- C:\Users\Neirol\Desktop\Filmy.lnk [2011-07-16 13:51:05 | 000,000,937 | ---- | C] () -- C:\Users\Neirol\Desktop\Winamp.lnk [2011-07-16 13:43:33 | 000,001,418 | ---- | C] () -- C:\Users\Neirol\Desktop\Tablet.lnk [2011-07-16 13:40:36 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTouchTabletUserDefaults.xml [2011-07-16 13:40:36 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml [2011-07-16 13:15:38 | 000,000,877 | ---- | C] () -- C:\Users\Neirol\Desktop\Reason.lnk [2011-07-16 13:02:34 | 000,001,279 | ---- | C] () -- C:\Users\Neirol\Desktop\Photoshop.lnk [2011-07-16 12:53:29 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2011-07-16 12:39:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-07-16 12:36:06 | 000,018,335 | ---- | C] () -- C:\Windows\atiogl.xml [2011-07-16 12:30:44 | 000,000,602 | ---- | C] () -- C:\Users\Neirol\Desktop\Programy (E).lnk [2011-07-16 12:30:44 | 000,000,595 | ---- | C] () -- C:\Users\Neirol\Desktop\Media (D).lnk [2011-07-16 12:29:24 | 000,001,417 | ---- | C] () -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011-07-16 12:29:17 | 000,001,451 | ---- | C] () -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011-07-16 12:22:19 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Media Center.lnk [2011-07-16 12:22:04 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011-07-16 12:17:48 | 3019,350,016 | -HS- | C] () -- C:\hiberfil.sys [2011-03-16 17:42:51 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\Amhooker.dll [2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-14 01:41:47 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\winver.exe [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2003-04-09 11:28:44 | 000,233,472 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe [2003-04-09 11:28:44 | 000,233,472 | R--- | C] () -- C:\Users\Neirol\AppData\Roaming\MafiaSetup.exe [color=#E56717]========== LOP Check ==========[/color] [2011-07-21 21:35:11 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\BESTplayer [2011-08-06 10:32:45 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\BitTorrent [2011-08-06 10:32:45 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\DAEMON Tools Lite [2011-07-19 01:15:30 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Gadu-Gadu 10 [2011-07-23 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\GetRightToGo [2011-07-16 13:57:10 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Mp3tag [2011-07-16 13:53:24 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Propellerhead Software [2011-07-22 14:00:01 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\WinMPG [2009-07-14 
07:08:49 | 000,012,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-07-27 13:13:08 | 000,013,920 | ---- | M] () -- C:\ComboFix.txt [2011-08-06 10:53:18 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys [2011-08-06 10:53:23 | 4025,802,752 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- 
C:\Windows\SysNative\drivers\beep.sys [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\ERDNT\cache64\ndis.sys [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\ProgramData\Microsoft\Windows\SXS\64\winlogon.exe [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Users\All Users\Microsoft\Windows\SXS\64\winlogon.exe [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- 
C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2011-07-20 13:17:12 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=87A00ED70FEC36D0DD968E5058C29AA1 -- C:\Windows\SysNative\winlogon.exe < End of report > [/log]
And ComboFix:
[log] ComboFix 11-08-05.03 - Neirol 2011-08-06 11:58:26.3.2 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1045.18.3839.2600 [GMT 2:00] Uruchomiony z: d:\download\Programy różnorakie\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Pliki utworzone od 2011-07-06 do 2011-08-06 ))))))))))))))))))))))))))))))) . . 2011-08-06 10:02 . 2011-08-06 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-26 12:18 . 2011-07-30 23:03 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2011-07-26 12:18 . 2011-07-30 23:03 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2011-07-26 12:18 . 2011-07-26 12:18 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-07-25 17:07 . 2011-07-25 17:07 -------- d-----w- c:\program files (x86)\directx 2011-07-25 11:14 . 2008-07-31 08:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll 2011-07-25 11:13 . 2006-12-08 10:02 251672 ----a-w- c:\windows\SysWow64\xactengine2_5.dll 2011-07-24 22:22 . 2011-07-24 22:22 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2011-07-24 22:21 . 2011-07-24 22:21 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2011-07-23 18:59 . 2011-07-23 18:59 -------- d-----w- c:\programdata\Last.fm 2011-07-23 18:59 . 2008-05-13 15:23 417792 ----a-w- c:\program files (x86)\Windows Media Player\Plugins\wmp_scrobbler.dll 2011-07-22 20:54 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll 2011-07-21 21:57 . 
2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin7.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin6.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin5.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin4.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin3.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin2.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin.dll 2011-07-21 21:56 . 2011-07-21 21:56 -------- d-----w- c:\programdata\Apple Computer 2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\programdata\Apple 2011-07-19 18:47 . 2011-08-05 16:47 -------- d-----w- c:\programdata\Soulseek 2011-07-19 10:56 . 2011-06-20 06:57 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{641EE92E-DA74-410A-8481-16E6517C03F3}\mpengine.dll 2011-07-19 10:56 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-07-19 10:51 . 2011-07-20 11:19 2169856 ----a-w- c:\windows\system32\hale.exe 2011-07-18 23:11 . 2011-07-18 23:11 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-07-18 23:10 . 2011-07-18 23:10 -------- d-----w- c:\windows\Sun 2011-07-18 23:10 . 2011-07-18 23:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-07-18 21:48 . 2011-07-18 21:47 468480 ----a-w- c:\windows\system32\deployJava1.dll 2011-07-18 21:26 . 
2011-07-04 11:32 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-07-18 21:26 . 2011-07-04 11:36 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-07-18 21:26 . 2011-07-04 11:32 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-07-18 21:26 . 2011-07-04 11:35 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-07-18 21:26 . 2011-07-04 11:36 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-07-18 21:26 . 2011-07-04 11:32 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-07-18 21:26 . 2011-07-04 11:43 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-07-18 21:26 . 2011-07-18 21:26 -------- d-----w- c:\programdata\Gadu-Gadu 10 2011-07-18 21:24 . 2011-07-18 21:24 -------- d-----w- c:\windows\SysWow64\Macromed 2011-07-18 21:22 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr 2011-07-18 21:22 . 2011-07-04 11:43 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-07-18 21:22 . 2011-07-18 21:22 -------- d-----w- c:\programdata\AVAST Software 2011-07-16 11:53 . 2011-07-16 11:53 406528 ----a-w- c:\windows\SysWow64\ReWire.dll 2011-07-16 11:53 . 2011-07-16 11:53 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll 2011-07-16 11:53 . 2011-07-16 11:53 -------- d-----w- c:\programdata\Propellerhead Software 2011-07-16 11:44 . 2011-07-16 11:44 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2011-07-16 11:44 . 2011-08-05 13:17 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2011-07-16 11:41 . 2010-10-26 21:42 642928 ------w- c:\windows\SysWow64\Pen_Touch_Tablet.dll 2011-07-16 11:41 . 2010-10-26 21:42 749936 ------w- c:\windows\system32\Pen_Touch_Tablet.dll 2011-07-16 11:41 . 2011-07-16 11:41 -------- d-----w- c:\program files (x86)\TabletPlugins 2011-07-16 11:41 . 2010-10-11 19:19 18288 ----a-w- c:\windows\system32\drivers\wacmoumonitor.sys 2011-07-16 11:40 . 2010-10-11 19:19 12848 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys 2011-07-16 11:40 . 
2010-10-11 19:19 16168 ----a-w- c:\windows\system32\drivers\wacomvhid.sys 2011-07-16 11:40 . 2010-10-26 21:42 600432 ------w- c:\windows\system32\Wintab32.dll 2011-07-16 11:40 . 2010-10-26 21:42 506736 ------w- c:\windows\SysWow64\Wintab32.dll 2011-07-16 11:40 . 2010-10-26 21:42 756592 ------w- c:\windows\system32\Pen_Tablet.dll 2011-07-16 11:40 . 2010-10-26 21:42 650096 ------w- c:\windows\SysWow64\Pen_Tablet.dll 2011-07-16 11:40 . 2011-07-16 11:41 -------- d-----w- c:\program files\Tablet 2011-07-16 11:34 . 2011-07-16 11:34 -------- d-----w- c:\program files (x86)\Microsoft Works 2011-07-16 11:33 . 2011-07-16 11:33 -------- d-----w- c:\windows\PCHEALTH 2011-07-16 11:33 . 2011-07-16 11:33 -------- d-----w- c:\program files (x86)\Microsoft.NET 2011-07-16 11:21 . 2011-07-16 11:36 -------- d-----w- c:\programdata\Microsoft Help 2011-07-16 11:20 . 2011-07-16 11:20 -------- d-----r- C:\MSOCache 2011-07-16 11:16 . 2011-07-16 10:27 -------- d-----w- c:\windows\Panther 2011-07-16 11:12 . 2010-07-09 11:19 21480 ----a-w- c:\windows\system32\drivers\cpuz134_x64.sys 2011-07-16 11:01 . 2011-07-16 11:02 -------- d-----w- c:\program files (x86)\Common Files\Ahead 2011-07-16 11:01 . 2011-07-16 11:01 -------- d-----w- c:\programdata\Nero 2011-07-16 10:53 . 2011-07-16 10:53 834544 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-07-16 10:49 . 2011-07-16 10:52 -------- d-----w- c:\programdata\DAEMON Tools Lite 2011-07-16 10:42 . 2011-07-16 10:42 -------- d-----w- c:\windows\SysWow64\RTCOM 2011-07-16 10:42 . 2011-07-16 10:42 -------- d-----w- c:\program files\Realtek 2011-07-16 10:40 . 2011-07-16 10:40 -------- d-----w- c:\programdata\ATI 2011-07-16 10:39 . 2011-07-16 10:39 0 ----a-w- c:\windows\ativpsrm.bin 2011-07-16 10:36 . 2009-05-05 14:00 16440 ----a-w- c:\windows\system32\drivers\AtiPcie.sys 2011-07-16 10:36 . 2009-07-30 03:04 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2011-07-16 10:35 . 2011-08-06 08:48 -------- d-sh--w- c:\windows\Installer 2011-07-16 10:35 . 
2011-07-16 10:35 -------- d-----w- c:\program files\ATI 2011-07-16 10:33 . 2009-04-28 10:33 67128 ----a-w- c:\windows\system32\drivers\amdsata.sys 2011-07-16 10:33 . 2009-04-28 10:33 28216 ----a-w- c:\windows\system32\drivers\amdxata.sys . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-20 11:18 . 2009-07-13 23:52 65536 ----a-w- c:\windows\system32\sppuinotify.dll 2011-07-20 11:18 . 2009-07-13 23:51 381952 ----a-w- c:\windows\system32\sppcommdlg.dll 2011-07-20 11:18 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll 2011-07-20 11:18 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll 2011-07-20 11:18 . 2009-07-13 23:52 14848 ----a-w- c:\windows\system32\slwga.dll 2011-07-20 11:18 . 2009-07-13 23:52 142336 ----a-w- c:\windows\system32\sppwmi.dll 2011-07-20 11:17 . 2009-07-13 23:57 2048 ----a-w- c:\windows\system32\winver.exe 2011-07-20 11:17 . 2009-07-13 23:52 389632 ----a-w- c:\windows\system32\winlogon.exe 2011-07-20 11:17 . 2009-07-13 23:52 349696 ----a-w- c:\windows\system32\slui.exe 2011-07-20 11:17 . 2009-06-10 20:59 107946 ----a-w- c:\windows\system32\slmgr.vbs . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2009-07-14 . 132328DF455B0028F13BF0ABEE51A63A . 389120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [-] 2011-07-20 . 87A00ED70FEC36D0DD968E5058C29AA1 . 389632 . . [6.1.7600.16385] .. c:\windows\system32\winlogon.exe . [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [-] 2011-07-20 . F78E7BD7ADC829D9DD92C558180E09DB . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll . 
((((((((((((((((((((((((((((( SnapShot@2011-07-27_11.07.22 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2011-07-27 11:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2011-08-06 10:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-07-27 11:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-08-06 10:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-08-06 10:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2011-07-27 11:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-07-16 10:45 . 2011-08-06 10:06 23514 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-08-06 10:06 39422 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 04:46 . 2011-08-06 09:27 76848 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2009-07-14 04:46 . 2011-07-24 00:10 76848 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2011-07-16 17:23 . 2011-07-27 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-07-16 17:23 . 2011-08-06 10:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-07-16 17:23 . 2011-08-06 10:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-07-16 17:23 . 
2011-07-27 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-07-16 10:41 . 2011-08-06 10:06 4474 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-160874040-2124205273-324844842-1000_UserData.bin + 2011-08-06 10:04 . 2011-08-06 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-07-27 11:05 . 2011-07-27 11:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-07-27 11:05 . 2011-07-27 11:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-08-06 10:04 . 2011-08-06 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-07-16 17:20 . 2011-08-05 21:57 285204 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin - 2009-07-14 17:55 . 2011-07-25 16:28 687828 c:\windows\system32\perfh015.dat + 2009-07-14 17:55 . 2011-08-05 11:51 687828 c:\windows\system32\perfh015.dat + 2009-07-14 02:36 . 2011-08-05 11:51 607190 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2011-07-25 16:28 607190 c:\windows\system32\perfh009.dat - 2009-07-14 17:55 . 2011-07-25 16:28 131382 c:\windows\system32\perfc015.dat + 2009-07-14 17:55 . 2011-08-05 11:51 131382 c:\windows\system32\perfc015.dat + 2009-07-14 02:36 . 2011-08-05 11:51 103568 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2011-07-25 16:28 103568 c:\windows\system32\perfc009.dat - 2009-07-14 02:34 . 2011-07-23 18:18 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 02:34 . 2011-08-05 13:19 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 04:45 . 2011-08-06 08:23 3602726 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2009-07-14 04:45 . 2011-07-23 10:30 3602726 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2010-09-23 14:13 . 
2010-09-23 14:13 3978752 c:\windows\Installer\c7570b.msi + 2011-08-06 08:47 . 2011-08-06 08:47 1402880 c:\windows\Installer\84710.msi . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="e:\avast\avastUI.exe" [2011-07-04 3493720] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x] R4 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-26 5790064] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x] S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-26 487280] S3 netr28x;Sterownik karty sieci bezprzewodowej Ralink 802.11n dla systemu Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x] S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . Zawartość folderu 'Zaplanowane zadania' . 2011-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job - c:\users\Neirol\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-18 21:24] . 
2011-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job - c:\users\Neirol\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-18 21:24] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43 134384 ----a-w- e:\avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-06-24 7935520] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-06-24 1833504] "WheelMouse"="e:\mysz\Amoumain.exe" [2008-03-07 237568] "Chew7Hale"="c:\windows\System32\hale.exe" [2011-07-20 2169856] . ------- Skan uzupełniający ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SYSTEM32\blank.htm TCP: DhcpNameServer = 62.179.1.63 62.179.1.62 . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Pozostałe uruchomione procesy ------------------------ . e:\avast\AvastSvc.exe c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe . ************************************************************************** . Czas ukończenia: 2011-08-06 12:10:04 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2011-08-06 10:10 ComboFix2.txt 2011-07-27 11:13 . Przed: 13 860 237 312 bajtów wolnych Po: 13 666 430 976 bajtów wolnych . - - End Of File - - 3141A1D1C2552EA112A12F879868021B [/log]
Any advice? Help!
[quote name='Neirol' timestamp='1312625791' post='1315743']
Hello, this is a problem that has been discussed since the dawn of time; I have read lots of different threads with advice, solutions etc., but none of it really helps. And of course the causes are often very varied, and I don't know my way around HijackThis or ComboFix logs, so I'm writing to you in hope. In my case I have already formatted the computer several times; it always helped for a week or two, after which everything slowed down terribly again - CPU at 70-100% when idle in high-performance mode (Athlon II Dual Core M-320 2x2.1ghz processor, 4gb RAM, MSI MS-1684 motherboard, Radeon HD 4200, Windows 7). In Task Manager the replicated processes are worrying (I know several svchost instances are normal, but see for yourselves: http://img217.imageshack.us/img217/884/menadzer.jpg ), and I have not installed anything unnecessary. Earlier I thought automatic updates might be to blame, so after the last format I turned them off, but that did nothing. I tried cleaning by feel with ComboFix and HiJackThis (unwise, I know, but I had lost my patience!) and also CCleaner - nothing. I'm posting the logs.
HiJackThis:
[log] Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:19:50, on 2011-08-06 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe E:\Mysz\Amoumain.exe C:\Windows\System32\hale.exe C:\Windows\SysWOW64\cmd.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe E:\Avast\AvastUI.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe 
E:\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "E:\Avast\avastUI.exe" /nogui O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - E:\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - 
Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 4247 bytes [/log] OTL (settings as in the thread http://www.forumpc.pl/index.php?showtopic=104338 ): [log] OTL logfile created on: 2011-08-06 11:28:30 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = D:\Download 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,75 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 62,79% Memory free 7,50 Gb Paging File | 6,00 Gb Available in Paging File | 80,05% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 30,18 Gb Total Space | 13,03 Gb Free Space | 43,17% Space Free | Partition Type: NTFS Drive D: | 180,66 Gb Total Space | 19,61 Gb Free Space | 10,85% Space Free | 
Partition Type: NTFS Drive E: | 87,15 Gb Total Space | 41,79 Gb Free Space | 47,95% Space Free | Partition Type: NTFS Computer Name: NEIROMPUTER | User Name: Neirol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - File not found -- PRC - [2011-08-06 11:26:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe PRC - [2011-07-09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- E:\Avast\AvastUI.exe PRC - [2009-07-14 03:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe PRC - [2009-07-14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe PRC - [2008-03-07 17:04:28 | 000,237,568 | ---- | M] () -- E:\Mysz\Amoumain.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-08-06 11:26:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- E:\Avast\snxhk.dll MOD - [2009-07-14 03:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 03:16:12 | 
000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - 
[2009-07-14 03:11:24 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2007-04-07 20:22:06 | 000,032,768 | ---- | M] () -- C:\Windows\SysWOW64\Amhooker.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-10-26 23:42:16 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:[b]64bit:[/b] - [2010-10-26 23:42:16 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) 
[Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:[b]64bit:[/b] - [2009-07-30 05:03:40 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011-07-26 14:18:30 | 000,075,064 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- E:\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-07-16 12:53:29 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2010-10-11 21:19:36 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:[b]64bit:[/b] - [2010-10-11 21:19:28 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2010-10-11 21:19:26 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) 
DRV:[b]64bit:[/b] - [2010-07-09 13:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134) DRV:[b]64bit:[/b] - [2009-07-30 15:11:22 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-06-10 22:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-05 16:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:[b]64bit:[/b] - [2009-04-28 12:33:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-04-28 12:33:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2008-02-13 17:20:16 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt) DRV:[b]64bit:[/b] - [2007-10-15 12:37:22 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-160874040-2124205273-324844842-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-160874040-2124205273-324844842-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Neirol\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Neirol\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) O1 HOSTS File: ([2011-07-27 13:06:23 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found O2 - BHO: (avast! 
WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [WheelMouse] E:\Mysz\Amoumain.exe () O4 - HKLM..\Run: [Chew7Hale] File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [WheelMouse] E:\Mysz\Amoumain.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-160874040-2124205273-324844842-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-160874040-2124205273-324844842-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group 
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group 
SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service 
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] 
{4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: 
{4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-08-06 10:48:47 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011-08-01 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Soulseek Chat Logs [2011-07-29 18:45:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\ElevatedDiagnostics [2011-07-27 13:18:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011-07-27 13:03:36 | 000,000,000 | ---D | C] -- C:\Windows\temp [2011-07-27 12:57:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011-07-27 12:57:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe 
[2011-07-27 12:57:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011-07-26 14:12:30 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\PunkBuster [2011-07-26 13:48:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Qtracker [2011-07-26 13:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qtracker [2011-07-26 13:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision [2011-07-26 13:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gBurner [2011-07-25 21:53:31 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Syberia Saves [2011-07-25 19:51:26 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\GTA San Andreas User Files [2011-07-25 19:51:16 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011-07-25 19:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\directx [2011-07-25 19:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microids [2011-07-25 18:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2011-07-25 18:29:18 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia [2011-07-25 18:29:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia [2011-07-25 00:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2011-07-25 00:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2011-07-25 00:16:35 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\2K Games [2011-07-23 21:06:07 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SubDownloader2 [2011-07-23 21:04:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\GetRightToGo [2011-07-23 
21:04:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Downloads [2011-07-23 21:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SubDownloader2 [2011-07-23 20:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm [2011-07-23 20:58:44 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Last.fm [2011-07-23 20:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm [2011-07-23 19:40:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011-07-23 19:40:06 | 000,000,000 | ---D | C] -- C:\Qoobox [2011-07-23 19:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011-07-22 22:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011-07-22 14:00:01 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\WinMPG [2011-07-21 23:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011-07-21 23:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011-07-21 23:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2011-07-21 23:55:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Apple [2011-07-21 23:55:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2011-07-21 23:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2011-07-21 21:34:56 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\BESTplayer [2011-07-21 21:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2011-07-19 20:50:01 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\BitTorrent [2011-07-19 20:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Soulseek [2011-07-19 20:46:53 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soulseek NS [2011-07-19 20:46:53 | 000,000,000 | ---D 
| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS [2011-07-19 20:41:51 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011-07-19 20:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011-07-19 15:34:15 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Ahead [2011-07-19 01:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011-07-19 01:11:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011-07-19 01:10:53 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011-07-18 23:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2011-07-18 23:26:43 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011-07-18 23:26:41 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011-07-18 23:26:26 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011-07-18 23:26:22 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011-07-18 23:26:19 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2011-07-18 23:26:19 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\cache [2011-07-18 23:26:14 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011-07-18 23:26:13 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-07-18 23:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10 [2011-07-18 23:26:01 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Macromedia [2011-07-18 23:25:37 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011-07-18 23:24:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2011-07-18 23:24:41 | 000,000,000 
| ---D | C] -- C:\Users\Neirol\AppData\Roaming\Gadu-Gadu 10 [2011-07-18 23:24:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Google [2011-07-18 23:22:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Apps [2011-07-18 23:22:56 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Deployment [2011-07-18 23:22:53 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011-07-18 23:22:53 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2011-07-18 23:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2011-07-16 19:25:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011-07-16 13:57:07 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Mp3tag [2011-07-16 13:55:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 [2011-07-16 13:53:53 | 000,406,528 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll [2011-07-16 13:53:53 | 000,338,432 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll [2011-07-16 13:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software [2011-07-16 13:53:24 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Propellerhead Software [2011-07-16 13:49:53 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Winamp [2011-07-16 13:44:29 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Adobe [2011-07-16 13:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011-07-16 13:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2011-07-16 13:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011-07-16 13:44:10 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Adobe [2011-07-16 13:41:54 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\WTablet [2011-07-16 13:41:53 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) 
-- C:\Windows\SysWow64\Pen_Touch_Tablet.dll [2011-07-16 13:41:52 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll [2011-07-16 13:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins [2011-07-16 13:41:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo [2011-07-16 13:41:09 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys [2011-07-16 13:40:58 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys [2011-07-16 13:40:51 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys [2011-07-16 13:40:47 | 000,600,432 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll [2011-07-16 13:40:47 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll [2011-07-16 13:40:46 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll [2011-07-16 13:40:46 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) 
-- C:\Windows\SysWow64\Pen_Tablet.dll [2011-07-16 13:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet [2011-07-16 13:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011-07-16 13:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2011-07-16 13:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2011-07-16 13:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2011-07-16 13:33:50 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011-07-16 13:33:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011-07-16 13:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2011-07-16 13:21:47 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Microsoft Help [2011-07-16 13:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2011-07-16 13:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2011-07-16 13:20:56 | 000,000,000 | R--D | C] -- C:\MSOCache [2011-07-16 13:16:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2011-07-16 13:12:58 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys [2011-07-16 13:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [2011-07-16 13:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sprzet [2011-07-16 13:06:31 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Ahead [2011-07-16 13:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Premium [2011-07-16 13:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2011-07-16 13:01:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead [2011-07-16 12:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2011-07-16 
12:52:14 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\DAEMON Tools Lite [2011-07-16 12:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2011-07-16 12:42:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011-07-16 12:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011-07-16 12:41:48 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll [2011-07-16 12:41:48 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll [2011-07-16 12:41:45 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011-07-16 12:41:45 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2011-07-16 12:41:45 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2011-07-16 12:41:45 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011-07-16 12:41:43 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011-07-16 12:41:43 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011-07-16 12:41:41 | 000,311,296 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\SysNative\MaxxAudioAPO20.dll [2011-07-16 12:41:40 | 000,176,640 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\FMAPO64.dll [2011-07-16 12:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2011-07-16 12:41:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2011-07-16 12:41:36 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2011-07-16 12:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2011-07-16 12:40:21 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\ATI [2011-07-16 12:40:21 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\ATI [2011-07-16 12:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011-07-16 12:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011-07-16 12:35:06 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2011-07-16 12:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011-07-16 12:28:26 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011-07-16 12:28:26 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Searches [2011-07-16 12:28:26 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011-07-16 12:28:14 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Identities [2011-07-16 12:28:10 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Contacts [2011-07-16 12:28:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\VirtualStore [2011-07-16 12:27:58 | 000,000,000 | --SD | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Videos [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Saved Games [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Pictures [2011-07-16 12:27:58 | 
000,000,000 | R--D | C] -- C:\Users\Neirol\Music [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Links [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Favorites [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Downloads [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Documents [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Desktop [2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Ustawienia lokalne [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\AppData\Local\Temporary Internet Files [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Szablony [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\SendTo [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Recent [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\PrintHood [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\NetHood [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Documents\Moje wideo [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Documents\Moje obrazy [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Moje dokumenty [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Documents\Moja muzyka [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Menu Start [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\AppData\Local\Historia [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Dane aplikacji [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\AppData\Local\Dane aplikacji [2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- 
C:\Users\Neirol\Cookies [2011-07-16 12:27:58 | 000,000,000 | -H-D | C] -- C:\Users\Neirol\AppData [2011-07-16 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Temp [2011-07-16 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Microsoft [2011-07-16 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Media Center Programs [2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2011-07-16 12:27:43 | 000,000,000 | ---D | C] -- C:\Recovery [2011-07-16 12:21:10 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011-07-16 12:18:15 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2011-07-16 12:17:48 | 000,000,000 | -HSD | C] -- C:\System Volume Information [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-08-06 11:36:52 | 002,535,461 | ---- | M] () -- C:\Windows\SysNative\cwlog.dtl [2011-08-06 11:34:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job [2011-08-06 11:16:05 | 000,375,441 | ---- | M] () -- C:\Users\Neirol\Desktop\menadzer.jpg [2011-08-06 10:57:32 | 000,000,570 | ---- | M] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2011-08-06 10:57:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011-08-06 10:53:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-08-06 10:53:18 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys [2011-08-06 10:52:00 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-08-06 10:51:59 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-08-06 10:48:47 | 000,002,963 | ---- | M] () -- C:\Users\Neirol\Desktop\HiJackThis.lnk [2011-08-06 10:34:01 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job [2011-08-05 23:57:26 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempTt5092.html [2011-08-05 14:05:20 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempbT3132.html [2011-08-05 13:51:11 | 000,687,828 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-08-05 13:51:11 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-08-05 13:51:11 | 000,131,382 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-08-05 13:51:10 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-08-05 13:51:10 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-08-04 20:19:15 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Templi2228.html [2011-08-04 20:19:15 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJA2228.html [2011-08-03 10:36:35 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempZUt576.html [2011-08-03 10:36:35 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Temphsq576.html [2011-08-02 00:30:37 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempHz4052.html [2011-08-02 00:30:37 | 000,002,089 | ---- | M] () -- 
C:\Users\Neirol\AppData\Local\Tempai4052.html [2011-08-01 22:04:13 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempnH3576.html [2011-08-01 10:47:48 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempNN2112.html [2011-08-01 10:47:48 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempKj2112.html [2011-08-01 01:07:20 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempEn6776.html [2011-08-01 01:07:20 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempsn6776.html [2011-08-01 00:25:37 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempbI5228.html [2011-07-31 21:05:37 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TemptT1572.html [2011-07-31 01:03:05 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011-07-31 01:03:05 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-07-31 01:01:31 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempZU4192.html [2011-07-30 20:53:59 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempKO3676.html [2011-07-30 16:35:51 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempWk3428.html [2011-07-29 21:12:57 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempTz4776.html [2011-07-29 18:45:14 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempxN3608.html [2011-07-29 18:45:14 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempGO3608.html [2011-07-29 00:48:24 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJS2988.html [2011-07-27 23:19:24 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempiy3752.html [2011-07-27 17:24:40 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYz1060.html [2011-07-27 16:58:11 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempbA1540.html [2011-07-27 14:13:16 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempwx3216.html 
[2011-07-27 13:06:23 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011-07-26 17:26:19 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempCZ4004.html [2011-07-26 17:26:19 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJs4004.html [2011-07-26 15:57:02 | 000,000,579 | ---- | M] () -- C:\Windows\qtracker.INI [2011-07-26 14:18:30 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-07-26 13:51:15 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempjW1420.html [2011-07-26 13:37:36 | 000,000,262 | ---- | M] () -- C:\Windows\game.ini [2011-07-26 01:36:44 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempeg4232.html [2011-07-26 01:36:44 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempqK4232.html [2011-07-26 00:29:08 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempXO3896.html [2011-07-26 00:29:08 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempND3896.html [2011-07-25 21:49:21 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempyc2392.html [2011-07-25 18:16:05 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempyl4148.html [2011-07-25 17:55:21 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempxy3784.html [2011-07-25 17:55:21 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempLz3784.html [2011-07-25 13:18:52 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYH2960.html [2011-07-25 01:09:18 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYY4448.html [2011-07-25 01:09:18 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempIe4448.html [2011-07-24 16:40:11 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempxs4132.html [2011-07-24 02:02:43 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempZn4488.html [2011-07-23 21:19:45 | 000,002,432 | ---- | M] () -- 
C:\Users\Neirol\AppData\Local\TempMF3196.html [2011-07-23 16:07:13 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempri4648.html [2011-07-23 01:34:51 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempTe2156.html [2011-07-23 01:34:51 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempNv2156.html [2011-07-22 18:11:19 | 000,004,608 | ---- | M] () -- C:\Users\Neirol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-22 13:24:07 | 000,001,526 | ---- | M] () -- C:\Users\Neirol\Desktop\Google Chrome.lnk [2011-07-22 13:21:44 | 000,001,279 | ---- | M] () -- C:\Users\Neirol\Desktop\Photoshop.lnk [2011-07-22 13:21:27 | 000,000,937 | ---- | M] () -- C:\Users\Neirol\Desktop\Winamp.lnk [2011-07-22 10:38:14 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempKd5068.html [2011-07-22 10:38:14 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempNf5068.html [2011-07-22 01:45:55 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempmn1416.html [2011-07-22 01:45:55 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempwY1416.html [2011-07-21 20:25:32 | 000,000,941 | ---- | M] () -- C:\Users\Neirol\Desktop\GG.lnk [2011-07-20 13:19:17 | 002,169,856 | ---- | M] () -- C:\Windows\SysNative\hale.exe [2011-07-20 13:17:12 | 000,107,946 | ---- | M] () -- C:\Windows\SysNative\slmgr.vbs [2011-07-20 13:17:12 | 000,002,048 | ---- | M] () -- C:\Windows\SysNative\winver.exe [2011-07-20 11:56:42 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYW3728.html [2011-07-20 11:56:42 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJl3728.html [2011-07-20 01:13:24 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempOm4232.html [2011-07-20 01:13:24 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempeE4232.html [2011-07-19 23:26:27 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempPP1304.html [2011-07-19 20:51:32 | 
000,000,540 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2011-07-19 20:47:38 | 000,000,921 | ---- | M] () -- C:\Users\Neirol\Desktop\Soulseek.lnk [2011-07-19 20:05:52 | 000,000,508 | ---- | M] () -- C:\Users\Neirol\Desktop\Sieć.lnk [2011-07-19 13:57:47 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempFK4996.html [2011-07-19 13:57:47 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempLM4996.html [2011-07-19 01:15:30 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempim3260.html [2011-07-19 01:15:30 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempql3260.html [2011-07-16 21:03:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011-07-16 19:25:43 | 000,350,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-07-16 13:53:53 | 000,406,528 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll [2011-07-16 13:53:53 | 000,338,432 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll [2011-07-16 13:51:29 | 000,000,662 | ---- | M] () -- C:\Users\Neirol\Desktop\Studia.lnk [2011-07-16 13:51:29 | 000,000,662 | ---- | M] () -- C:\Users\Neirol\Desktop\Muzyka.lnk [2011-07-16 13:51:29 | 000,000,651 | ---- | M] () -- C:\Users\Neirol\Desktop\Filmy.lnk [2011-07-16 13:43:33 | 000,001,418 | ---- | M] () -- C:\Users\Neirol\Desktop\Tablet.lnk [2011-07-16 13:17:52 | 000,000,602 | ---- | M] () -- C:\Users\Neirol\Desktop\Programy (E).lnk [2011-07-16 13:17:35 | 000,000,595 | ---- | M] () -- C:\Users\Neirol\Desktop\Media (D).lnk [2011-07-16 13:15:38 | 000,000,877 | ---- | M] () -- C:\Users\Neirol\Desktop\Reason.lnk [2011-07-16 12:53:29 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2011-07-16 12:39:16 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2011-07-16 12:22:35 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011-07-16 12:22:35 | 000,067,908 | ---- | M] () -- 
C:\Windows\SysNative\license.rtf [2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011-07-04 13:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-07-04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2011-07-04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011-07-04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011-07-04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011-07-04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011-06-26 08:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-08-06 11:16:05 | 000,375,441 | ---- | C] () -- C:\Users\Neirol\Desktop\menadzer.jpg [2011-08-06 10:57:32 | 000,000,570 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2011-08-06 10:48:47 | 000,002,963 | ---- | C] () -- C:\Users\Neirol\Desktop\HiJackThis.lnk [2011-08-05 22:03:20 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempTt5092.html [2011-08-05 15:17:57 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2011-08-05 11:43:40 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempbT3132.html [2011-08-04 20:13:59 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Templi2228.html [2011-08-04 20:13:59 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJA2228.html [2011-08-03 10:28:51 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempZUt576.html [2011-08-03 10:28:51 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Temphsq576.html [2011-08-01 23:34:50 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempHz4052.html [2011-08-01 23:34:50 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempai4052.html [2011-08-01 19:11:25 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempnH3576.html [2011-08-01 10:47:48 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempNN2112.html [2011-08-01 10:47:48 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempKj2112.html [2011-08-01 00:26:21 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempEn6776.html [2011-08-01 00:26:21 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempsn6776.html [2011-07-31 23:43:14 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempbI5228.html [2011-07-31 14:36:17 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TemptT1572.html [2011-07-30 22:30:27 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempZU4192.html [2011-07-30 18:51:22 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempKO3676.html [2011-07-30 16:27:35 | 000,002,432 | ---- | C] () -- 
C:\Users\Neirol\AppData\Local\TempWk3428.html [2011-07-29 20:59:07 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempTz4776.html [2011-07-29 13:02:52 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempxN3608.html [2011-07-29 13:02:52 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempGO3608.html [2011-07-28 19:10:01 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJS2988.html [2011-07-27 18:08:22 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempiy3752.html [2011-07-27 17:23:51 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYz1060.html [2011-07-27 16:30:33 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempbA1540.html [2011-07-27 13:17:04 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempwx3216.html [2011-07-27 12:57:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2011-07-27 12:57:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011-07-27 12:57:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011-07-27 12:57:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011-07-27 12:57:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011-07-26 17:25:19 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempCZ4004.html [2011-07-26 17:25:19 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJs4004.html [2011-07-26 14:18:58 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-07-26 14:18:40 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011-07-26 14:18:30 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-07-26 14:04:41 | 000,000,579 | ---- | C] () -- C:\Windows\qtracker.INI [2011-07-26 13:37:36 | 000,000,262 | ---- | C] () -- C:\Windows\game.ini [2011-07-26 12:47:41 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempjW1420.html [2011-07-26 01:14:58 | 000,002,432 | ---- | C] () -- 
C:\Users\Neirol\AppData\Local\Tempeg4232.html [2011-07-26 01:14:58 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempqK4232.html [2011-07-25 22:27:10 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempXO3896.html [2011-07-25 22:27:10 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempND3896.html [2011-07-25 20:20:44 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempyc2392.html [2011-07-25 18:04:23 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempyl4148.html [2011-07-25 13:37:50 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempxy3784.html [2011-07-25 13:37:50 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempLz3784.html [2011-07-25 12:06:24 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYH2960.html [2011-07-25 00:29:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYY4448.html [2011-07-25 00:29:12 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempIe4448.html [2011-07-24 12:41:06 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempxs4132.html [2011-07-24 00:37:34 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempZn4488.html [2011-07-23 19:33:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempMF3196.html [2011-07-23 12:32:27 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempri4648.html [2011-07-22 22:54:29 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-07-22 13:05:49 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempTe2156.html [2011-07-22 13:05:49 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempNv2156.html [2011-07-22 10:28:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempKd5068.html [2011-07-22 10:28:12 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempNf5068.html [2011-07-22 10:26:28 | 002,354,699 | ---- | C] () -- C:\Windows\SysNative\cwlog.dtl 
[2011-07-22 01:11:15 | 000,004,608 | ---- | C] () -- C:\Users\Neirol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-07-21 23:55:07 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011-07-21 11:46:56 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempmn1416.html [2011-07-21 11:46:56 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempwY1416.html [2011-07-20 11:27:32 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYW3728.html [2011-07-20 11:27:32 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJl3728.html [2011-07-20 00:46:42 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempOm4232.html [2011-07-20 00:46:42 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempeE4232.html [2011-07-19 20:50:32 | 000,000,540 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2011-07-19 20:47:11 | 000,000,921 | ---- | C] () -- C:\Users\Neirol\Desktop\Soulseek.lnk [2011-07-19 20:45:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempPP1304.html [2011-07-19 20:03:08 | 000,000,508 | ---- | C] () -- C:\Users\Neirol\Desktop\Sieć.lnk [2011-07-19 12:58:00 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempFK4996.html [2011-07-19 12:58:00 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempLM4996.html [2011-07-19 12:56:47 | 000,000,941 | ---- | C] () -- C:\Users\Neirol\Desktop\GG.lnk [2011-07-19 12:51:49 | 002,169,856 | ---- | C] () -- C:\Windows\SysNative\hale.exe [2011-07-18 23:26:17 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempim3260.html [2011-07-18 23:26:17 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempql3260.html [2011-07-18 23:26:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2011-07-18 23:25:40 | 000,001,526 | ---- | C] () -- C:\Users\Neirol\Desktop\Google Chrome.lnk [2011-07-18 23:24:12 | 000,001,062 | ---- 
| C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job [2011-07-18 23:24:09 | 000,001,010 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job [2011-07-16 21:03:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011-07-16 13:51:29 | 000,000,662 | ---- | C] () -- C:\Users\Neirol\Desktop\Studia.lnk [2011-07-16 13:51:29 | 000,000,662 | ---- | C] () -- C:\Users\Neirol\Desktop\Muzyka.lnk [2011-07-16 13:51:29 | 000,000,651 | ---- | C] () -- C:\Users\Neirol\Desktop\Filmy.lnk [2011-07-16 13:51:05 | 000,000,937 | ---- | C] () -- C:\Users\Neirol\Desktop\Winamp.lnk [2011-07-16 13:43:33 | 000,001,418 | ---- | C] () -- C:\Users\Neirol\Desktop\Tablet.lnk [2011-07-16 13:40:36 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTouchTabletUserDefaults.xml [2011-07-16 13:40:36 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml [2011-07-16 13:15:38 | 000,000,877 | ---- | C] () -- C:\Users\Neirol\Desktop\Reason.lnk [2011-07-16 13:02:34 | 000,001,279 | ---- | C] () -- C:\Users\Neirol\Desktop\Photoshop.lnk [2011-07-16 12:53:29 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2011-07-16 12:39:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-07-16 12:36:06 | 000,018,335 | ---- | C] () -- C:\Windows\atiogl.xml [2011-07-16 12:30:44 | 000,000,602 | ---- | C] () -- C:\Users\Neirol\Desktop\Programy (E).lnk [2011-07-16 12:30:44 | 000,000,595 | ---- | C] () -- C:\Users\Neirol\Desktop\Media (D).lnk [2011-07-16 12:29:24 | 000,001,417 | ---- | C] () -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011-07-16 12:29:17 | 000,001,451 | ---- | C] () -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011-07-16 12:22:19 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Media Center.lnk [2011-07-16 12:22:04 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011-07-16 12:17:48 | 3019,350,016 | -HS- | C] () -- C:\hiberfil.sys [2011-03-16 17:42:51 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\Amhooker.dll [2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-14 01:41:47 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\winver.exe [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2003-04-09 11:28:44 | 000,233,472 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe [2003-04-09 11:28:44 | 000,233,472 | R--- | C] () -- C:\Users\Neirol\AppData\Roaming\MafiaSetup.exe [color=#E56717]========== LOP Check ==========[/color] [2011-07-21 21:35:11 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\BESTplayer [2011-08-06 10:32:45 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\BitTorrent [2011-08-06 10:32:45 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\DAEMON Tools Lite [2011-07-19 01:15:30 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Gadu-Gadu 10 [2011-07-23 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\GetRightToGo [2011-07-16 13:57:10 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Mp3tag [2011-07-16 13:53:24 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Propellerhead Software [2011-07-22 14:00:01 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\WinMPG [2009-07-14 
07:08:49 | 000,012,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-07-27 13:13:08 | 000,013,920 | ---- | M] () -- C:\ComboFix.txt [2011-08-06 10:53:18 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys [2011-08-06 10:53:23 | 4025,802,752 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- 
C:\Windows\SysNative\drivers\beep.sys [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\ERDNT\cache64\ndis.sys [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\ProgramData\Microsoft\Windows\SXS\64\winlogon.exe [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Users\All Users\Microsoft\Windows\SXS\64\winlogon.exe [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- 
C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2011-07-20 13:17:12 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=87A00ED70FEC36D0DD968E5058C29AA1 -- C:\Windows\SysNative\winlogon.exe < End of report > [/log]
And the ComboFix one:
[log] ComboFix 11-08-05.03 - Neirol 2011-08-06 11:58:26.3.2 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1045.18.3839.2600 [GMT 2:00] Uruchomiony z: d:\download\Programy różnorakie\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Pliki utworzone od 2011-07-06 do 2011-08-06 ))))))))))))))))))))))))))))))) . . 2011-08-06 10:02 . 2011-08-06 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-26 12:18 . 2011-07-30 23:03 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2011-07-26 12:18 . 2011-07-30 23:03 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2011-07-26 12:18 . 2011-07-26 12:18 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-07-25 17:07 . 2011-07-25 17:07 -------- d-----w- c:\program files (x86)\directx 2011-07-25 11:14 . 2008-07-31 08:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll 2011-07-25 11:13 . 2006-12-08 10:02 251672 ----a-w- c:\windows\SysWow64\xactengine2_5.dll 2011-07-24 22:22 . 2011-07-24 22:22 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2011-07-24 22:21 . 2011-07-24 22:21 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2011-07-23 18:59 . 2011-07-23 18:59 -------- d-----w- c:\programdata\Last.fm 2011-07-23 18:59 . 2008-05-13 15:23 417792 ----a-w- c:\program files (x86)\Windows Media Player\Plugins\wmp_scrobbler.dll 2011-07-22 20:54 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll 2011-07-21 21:57 . 
2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin7.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin6.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin5.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin4.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin3.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin2.dll 2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin.dll 2011-07-21 21:56 . 2011-07-21 21:56 -------- d-----w- c:\programdata\Apple Computer 2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\programdata\Apple 2011-07-19 18:47 . 2011-08-05 16:47 -------- d-----w- c:\programdata\Soulseek 2011-07-19 10:56 . 2011-06-20 06:57 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{641EE92E-DA74-410A-8481-16E6517C03F3}\mpengine.dll 2011-07-19 10:56 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-07-19 10:51 . 2011-07-20 11:19 2169856 ----a-w- c:\windows\system32\hale.exe 2011-07-18 23:11 . 2011-07-18 23:11 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-07-18 23:10 . 2011-07-18 23:10 -------- d-----w- c:\windows\Sun 2011-07-18 23:10 . 2011-07-18 23:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-07-18 21:48 . 2011-07-18 21:47 468480 ----a-w- c:\windows\system32\deployJava1.dll 2011-07-18 21:26 . 
2011-07-04 11:32 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-07-18 21:26 . 2011-07-04 11:36 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-07-18 21:26 . 2011-07-04 11:32 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-07-18 21:26 . 2011-07-04 11:35 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-07-18 21:26 . 2011-07-04 11:36 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-07-18 21:26 . 2011-07-04 11:32 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-07-18 21:26 . 2011-07-04 11:43 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-07-18 21:26 . 2011-07-18 21:26 -------- d-----w- c:\programdata\Gadu-Gadu 10 2011-07-18 21:24 . 2011-07-18 21:24 -------- d-----w- c:\windows\SysWow64\Macromed 2011-07-18 21:22 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr 2011-07-18 21:22 . 2011-07-04 11:43 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-07-18 21:22 . 2011-07-18 21:22 -------- d-----w- c:\programdata\AVAST Software 2011-07-16 11:53 . 2011-07-16 11:53 406528 ----a-w- c:\windows\SysWow64\ReWire.dll 2011-07-16 11:53 . 2011-07-16 11:53 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll 2011-07-16 11:53 . 2011-07-16 11:53 -------- d-----w- c:\programdata\Propellerhead Software 2011-07-16 11:44 . 2011-07-16 11:44 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2011-07-16 11:44 . 2011-08-05 13:17 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2011-07-16 11:41 . 2010-10-26 21:42 642928 ------w- c:\windows\SysWow64\Pen_Touch_Tablet.dll 2011-07-16 11:41 . 2010-10-26 21:42 749936 ------w- c:\windows\system32\Pen_Touch_Tablet.dll 2011-07-16 11:41 . 2011-07-16 11:41 -------- d-----w- c:\program files (x86)\TabletPlugins 2011-07-16 11:41 . 2010-10-11 19:19 18288 ----a-w- c:\windows\system32\drivers\wacmoumonitor.sys 2011-07-16 11:40 . 2010-10-11 19:19 12848 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys 2011-07-16 11:40 . 
2010-10-11 19:19 16168 ----a-w- c:\windows\system32\drivers\wacomvhid.sys 2011-07-16 11:40 . 2010-10-26 21:42 600432 ------w- c:\windows\system32\Wintab32.dll 2011-07-16 11:40 . 2010-10-26 21:42 506736 ------w- c:\windows\SysWow64\Wintab32.dll 2011-07-16 11:40 . 2010-10-26 21:42 756592 ------w- c:\windows\system32\Pen_Tablet.dll 2011-07-16 11:40 . 2010-10-26 21:42 650096 ------w- c:\windows\SysWow64\Pen_Tablet.dll 2011-07-16 11:40 . 2011-07-16 11:41 -------- d-----w- c:\program files\Tablet 2011-07-16 11:34 . 2011-07-16 11:34 -------- d-----w- c:\program files (x86)\Microsoft Works 2011-07-16 11:33 . 2011-07-16 11:33 -------- d-----w- c:\windows\PCHEALTH 2011-07-16 11:33 . 2011-07-16 11:33 -------- d-----w- c:\program files (x86)\Microsoft.NET 2011-07-16 11:21 . 2011-07-16 11:36 -------- d-----w- c:\programdata\Microsoft Help 2011-07-16 11:20 . 2011-07-16 11:20 -------- d-----r- C:\MSOCache 2011-07-16 11:16 . 2011-07-16 10:27 -------- d-----w- c:\windows\Panther 2011-07-16 11:12 . 2010-07-09 11:19 21480 ----a-w- c:\windows\system32\drivers\cpuz134_x64.sys 2011-07-16 11:01 . 2011-07-16 11:02 -------- d-----w- c:\program files (x86)\Common Files\Ahead 2011-07-16 11:01 . 2011-07-16 11:01 -------- d-----w- c:\programdata\Nero 2011-07-16 10:53 . 2011-07-16 10:53 834544 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-07-16 10:49 . 2011-07-16 10:52 -------- d-----w- c:\programdata\DAEMON Tools Lite 2011-07-16 10:42 . 2011-07-16 10:42 -------- d-----w- c:\windows\SysWow64\RTCOM 2011-07-16 10:42 . 2011-07-16 10:42 -------- d-----w- c:\program files\Realtek 2011-07-16 10:40 . 2011-07-16 10:40 -------- d-----w- c:\programdata\ATI 2011-07-16 10:39 . 2011-07-16 10:39 0 ----a-w- c:\windows\ativpsrm.bin 2011-07-16 10:36 . 2009-05-05 14:00 16440 ----a-w- c:\windows\system32\drivers\AtiPcie.sys 2011-07-16 10:36 . 2009-07-30 03:04 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2011-07-16 10:35 . 2011-08-06 08:48 -------- d-sh--w- c:\windows\Installer 2011-07-16 10:35 . 
2011-07-16 10:35 -------- d-----w- c:\program files\ATI 2011-07-16 10:33 . 2009-04-28 10:33 67128 ----a-w- c:\windows\system32\drivers\amdsata.sys 2011-07-16 10:33 . 2009-04-28 10:33 28216 ----a-w- c:\windows\system32\drivers\amdxata.sys . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-20 11:18 . 2009-07-13 23:52 65536 ----a-w- c:\windows\system32\sppuinotify.dll 2011-07-20 11:18 . 2009-07-13 23:51 381952 ----a-w- c:\windows\system32\sppcommdlg.dll 2011-07-20 11:18 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll 2011-07-20 11:18 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll 2011-07-20 11:18 . 2009-07-13 23:52 14848 ----a-w- c:\windows\system32\slwga.dll 2011-07-20 11:18 . 2009-07-13 23:52 142336 ----a-w- c:\windows\system32\sppwmi.dll 2011-07-20 11:17 . 2009-07-13 23:57 2048 ----a-w- c:\windows\system32\winver.exe 2011-07-20 11:17 . 2009-07-13 23:52 389632 ----a-w- c:\windows\system32\winlogon.exe 2011-07-20 11:17 . 2009-07-13 23:52 349696 ----a-w- c:\windows\system32\slui.exe 2011-07-20 11:17 . 2009-06-10 20:59 107946 ----a-w- c:\windows\system32\slmgr.vbs . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2009-07-14 . 132328DF455B0028F13BF0ABEE51A63A . 389120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [-] 2011-07-20 . 87A00ED70FEC36D0DD968E5058C29AA1 . 389632 . . [6.1.7600.16385] .. c:\windows\system32\winlogon.exe . [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [-] 2011-07-20 . F78E7BD7ADC829D9DD92C558180E09DB . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll . 
((((((((((((((((((((((((((((( SnapShot@2011-07-27_11.07.22 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2011-07-27 11:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2011-08-06 10:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-07-27 11:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-08-06 10:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-08-06 10:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2011-07-27 11:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-07-16 10:45 . 2011-08-06 10:06 23514 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-08-06 10:06 39422 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 04:46 . 2011-08-06 09:27 76848 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2009-07-14 04:46 . 2011-07-24 00:10 76848 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2011-07-16 17:23 . 2011-07-27 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-07-16 17:23 . 2011-08-06 10:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-07-16 17:23 . 2011-08-06 10:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-07-16 17:23 . 
2011-07-27 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-07-16 10:41 . 2011-08-06 10:06 4474 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-160874040-2124205273-324844842-1000_UserData.bin + 2011-08-06 10:04 . 2011-08-06 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-07-27 11:05 . 2011-07-27 11:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-07-27 11:05 . 2011-07-27 11:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-08-06 10:04 . 2011-08-06 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-07-16 17:20 . 2011-08-05 21:57 285204 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin - 2009-07-14 17:55 . 2011-07-25 16:28 687828 c:\windows\system32\perfh015.dat + 2009-07-14 17:55 . 2011-08-05 11:51 687828 c:\windows\system32\perfh015.dat + 2009-07-14 02:36 . 2011-08-05 11:51 607190 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2011-07-25 16:28 607190 c:\windows\system32\perfh009.dat - 2009-07-14 17:55 . 2011-07-25 16:28 131382 c:\windows\system32\perfc015.dat + 2009-07-14 17:55 . 2011-08-05 11:51 131382 c:\windows\system32\perfc015.dat + 2009-07-14 02:36 . 2011-08-05 11:51 103568 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2011-07-25 16:28 103568 c:\windows\system32\perfc009.dat - 2009-07-14 02:34 . 2011-07-23 18:18 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 02:34 . 2011-08-05 13:19 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 04:45 . 2011-08-06 08:23 3602726 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2009-07-14 04:45 . 2011-07-23 10:30 3602726 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2010-09-23 14:13 . 
2010-09-23 14:13 3978752 c:\windows\Installer\c7570b.msi + 2011-08-06 08:47 . 2011-08-06 08:47 1402880 c:\windows\Installer\84710.msi . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="e:\avast\avastUI.exe" [2011-07-04 3493720] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x] R4 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-26 5790064] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x] S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-26 487280] S3 netr28x;Sterownik karty sieci bezprzewodowej Ralink 802.11n dla systemu Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x] S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . Zawartość folderu 'Zaplanowane zadania' . 2011-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job - c:\users\Neirol\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-18 21:24] . 
2011-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job - c:\users\Neirol\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-18 21:24] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43 134384 ----a-w- e:\avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-06-24 7935520] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-06-24 1833504] "WheelMouse"="e:\mysz\Amoumain.exe" [2008-03-07 237568] "Chew7Hale"="c:\windows\System32\hale.exe" [2011-07-20 2169856] . ------- Skan uzupełniający ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SYSTEM32\blank.htm TCP: DhcpNameServer = 62.179.1.63 62.179.1.62 . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Pozostałe uruchomione procesy ------------------------ . e:\avast\AvastSvc.exe c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe . ************************************************************************** . Czas ukończenia: 2011-08-06 12:10:04 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2011-08-06 10:10 ComboFix2.txt 2011-07-27 11:13 . Przed: 13 860 237 312 bajtów wolnych Po: 13 666 430 976 bajtów wolnych . - - End Of File - - 3141A1D1C2552EA112A12F879868021B [/log]
Any advice? Help! [/quote]
Well, do these logs really not tell anyone anything? Come on
kabi95, comment of 6 August 2011
I see you have avast. Have you scanned with anything besides it? Try scanning as well with, for example, a free online scanner such as Kaspersky. What power supply do you have?
neirol (Author), comment of 7 August 2011 (edited)
Full check with Kaspersky: nothing. Power supply: maybe I'm about to say something silly, but in the case of a laptop is that simply the "brick" on the power cable? If so then, hm, Delta Electronics, model ADP-65HB BB, V85, and there are a lot more letters and digits besides that; should I give anything more?
BUMP!