
CPU load problem

neirol

Hello,
this problem has been rehashed since the dawn of time; I have read plenty of different threads with advice, solutions etc., but none of it really helps. And, as we know, the causes are often very varied; I don't know my way around HijackThis or ComboFix logs, so I am writing to you in hope.

In my case I have already formatted the computer several times; it always helped for a week or two, after which everything slowed down terribly again - CPU at 70-100% when idle in high-performance mode (Athlon II Dual Core M-320 2x2.1 GHz processor, 4 GB RAM, MSI MS-1684 motherboard, Radeon HD 4200, Windows 7). In Task Manager I am worried by the duplicated processes (I know that several svchost instances are normal, but see for yourselves: http://img217.imageshack.us/img217/884/menadzer.jpg ), and I have not installed anything unnecessary. I had rather thought it might be the fault of automatic updates, so after the last format I turned them off, but that did not help.

I cleaned up somewhat by feel with ComboFix and HiJackThis (unwise, I know, but I had already gotten frustrated!) and also with CCleaner - nothing.
I am posting the logs.

HiJackThis:

[log]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:19:50, on 2011-08-06
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
E:\Mysz\Amoumain.exe
C:\Windows\System32\hale.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
E:\Avast\AvastUI.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
E:\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "E:\Avast\avastUI.exe" /nogui
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - E:\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 4247 bytes

[/log]

OTL (settings as in the thread http://www.forumpc.pl/index.php?showtopic=104338 ):

[log]

OTL logfile created on: 2011-08-06 11:28:30 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Download
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,75 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 62,79% Memory free
7,50 Gb Paging File | 6,00 Gb Available in Paging File | 80,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 30,18 Gb Total Space | 13,03 Gb Free Space | 43,17% Space Free | Partition Type: NTFS
Drive D: | 180,66 Gb Total Space | 19,61 Gb Free Space | 10,85% Space Free | Partition Type: NTFS
Drive E: | 87,15 Gb Total Space | 41,79 Gb Free Space | 47,95% Space Free | Partition Type: NTFS

Computer Name: NEIROMPUTER | User Name: Neirol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - File not found --
PRC - [2011-08-06 11:26:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
PRC - [2011-07-09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- E:\Avast\AvastUI.exe
PRC - [2009-07-14 03:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
PRC - [2009-07-14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2008-03-07 17:04:28 | 000,237,568 | ---- | M] () -- E:\Mysz\Amoumain.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-08-06 11:26:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- E:\Avast\snxhk.dll
MOD - [2009-07-14 03:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:24 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2007-04-07 20:22:06 | 000,032,768 | ---- | M] () -- C:\Windows\SysWOW64\Amhooker.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-10-26 23:42:16 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:[b]64bit:[/b] - [2010-10-26 23:42:16 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:[b]64bit:[/b] - [2009-07-30 05:03:40 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-07-26 14:18:30 | 000,075,064 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- E:\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2011-07-16 12:53:29 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2010-10-11 21:19:36 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:[b]64bit:[/b] - [2010-10-11 21:19:28 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:[b]64bit:[/b] - [2010-10-11 21:19:26 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:[b]64bit:[/b] - [2010-07-09 13:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:[b]64bit:[/b] - [2009-07-30 15:11:22 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-05 16:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2009-04-28 12:33:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-04-28 12:33:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2008-02-13 17:20:16 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt)
DRV:[b]64bit:[/b] - [2007-10-15 12:37:22 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]




IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-160874040-2124205273-324844842-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-160874040-2124205273-324844842-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Neirol\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Neirol\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)



O1 HOSTS File: ([2011-07-27 13:06:23 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [WheelMouse] E:\Mysz\Amoumain.exe ()
O4 - HKLM..\Run: [Chew7Hale] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WheelMouse] E:\Mysz\Amoumain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-160874040-2124205273-324844842-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-160874040-2124205273-324844842-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-08-06 10:48:47 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011-08-01 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Soulseek Chat Logs
[2011-07-29 18:45:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\ElevatedDiagnostics
[2011-07-27 13:18:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011-07-27 13:03:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011-07-27 12:57:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011-07-27 12:57:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011-07-27 12:57:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011-07-26 14:12:30 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\PunkBuster
[2011-07-26 13:48:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Qtracker
[2011-07-26 13:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qtracker
[2011-07-26 13:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011-07-26 13:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gBurner
[2011-07-25 21:53:31 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Syberia Saves
[2011-07-25 19:51:26 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\GTA San Andreas User Files
[2011-07-25 19:51:16 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011-07-25 19:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\directx
[2011-07-25 19:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microids
[2011-07-25 18:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011-07-25 18:29:18 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-07-25 18:29:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-07-25 00:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011-07-25 00:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011-07-25 00:16:35 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\2K Games
[2011-07-23 21:06:07 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SubDownloader2
[2011-07-23 21:04:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\GetRightToGo
[2011-07-23 21:04:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Downloads
[2011-07-23 21:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SubDownloader2
[2011-07-23 20:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2011-07-23 20:58:44 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Last.fm
[2011-07-23 20:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2011-07-23 19:40:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011-07-23 19:40:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-07-23 19:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011-07-22 22:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011-07-22 14:00:01 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\WinMPG
[2011-07-21 23:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011-07-21 23:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011-07-21 23:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011-07-21 23:55:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Apple
[2011-07-21 23:55:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011-07-21 23:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011-07-21 21:34:56 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\BESTplayer
[2011-07-21 21:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2011-07-19 20:50:01 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\BitTorrent
[2011-07-19 20:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Soulseek
[2011-07-19 20:46:53 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soulseek NS
[2011-07-19 20:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS
[2011-07-19 20:41:51 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011-07-19 20:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011-07-19 15:34:15 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Ahead
[2011-07-19 01:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011-07-19 01:11:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011-07-19 01:10:53 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011-07-18 23:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011-07-18 23:26:43 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011-07-18 23:26:41 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011-07-18 23:26:26 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011-07-18 23:26:22 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011-07-18 23:26:19 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011-07-18 23:26:19 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\cache
[2011-07-18 23:26:14 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011-07-18 23:26:13 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011-07-18 23:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2011-07-18 23:26:01 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Macromedia
[2011-07-18 23:25:37 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011-07-18 23:24:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011-07-18 23:24:41 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Gadu-Gadu 10
[2011-07-18 23:24:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Google
[2011-07-18 23:22:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Apps
[2011-07-18 23:22:56 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Deployment
[2011-07-18 23:22:53 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011-07-18 23:22:53 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-07-18 23:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011-07-16 19:25:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011-07-16 13:57:07 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Mp3tag
[2011-07-16 13:55:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
[2011-07-16 13:53:53 | 000,406,528 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2011-07-16 13:53:53 | 000,338,432 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2011-07-16 13:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2011-07-16 13:53:24 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Propellerhead Software
[2011-07-16 13:49:53 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Winamp
[2011-07-16 13:44:29 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Adobe
[2011-07-16 13:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011-07-16 13:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011-07-16 13:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011-07-16 13:44:10 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Adobe
[2011-07-16 13:41:54 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\WTablet
[2011-07-16 13:41:53 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
[2011-07-16 13:41:52 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll
[2011-07-16 13:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2011-07-16 13:41:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
[2011-07-16 13:41:09 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys
[2011-07-16 13:40:58 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys
[2011-07-16 13:40:51 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys
[2011-07-16 13:40:47 | 000,600,432 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll
[2011-07-16 13:40:47 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll
[2011-07-16 13:40:46 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll
[2011-07-16 13:40:46 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll
[2011-07-16 13:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2011-07-16 13:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011-07-16 13:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011-07-16 13:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011-07-16 13:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011-07-16 13:33:50 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011-07-16 13:33:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011-07-16 13:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-07-16 13:21:47 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Microsoft Help
[2011-07-16 13:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011-07-16 13:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011-07-16 13:20:56 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011-07-16 13:16:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011-07-16 13:12:58 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2011-07-16 13:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2011-07-16 13:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sprzet
[2011-07-16 13:06:31 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Ahead
[2011-07-16 13:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Premium
[2011-07-16 13:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011-07-16 13:01:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2011-07-16 12:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011-07-16 12:52:14 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\DAEMON Tools Lite
[2011-07-16 12:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011-07-16 12:42:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011-07-16 12:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011-07-16 12:41:48 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2011-07-16 12:41:48 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2011-07-16 12:41:45 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011-07-16 12:41:45 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011-07-16 12:41:45 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011-07-16 12:41:45 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011-07-16 12:41:43 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011-07-16 12:41:43 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011-07-16 12:41:41 | 000,311,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011-07-16 12:41:40 | 000,176,640 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\FMAPO64.dll
[2011-07-16 12:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011-07-16 12:41:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011-07-16 12:41:36 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011-07-16 12:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011-07-16 12:40:21 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\ATI
[2011-07-16 12:40:21 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\ATI
[2011-07-16 12:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011-07-16 12:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011-07-16 12:35:06 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011-07-16 12:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011-07-16 12:28:26 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011-07-16 12:28:26 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Searches
[2011-07-16 12:28:26 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011-07-16 12:28:14 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Identities
[2011-07-16 12:28:10 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Contacts
[2011-07-16 12:28:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\VirtualStore
[2011-07-16 12:27:58 | 000,000,000 | --SD | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Videos
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Saved Games
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Pictures
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Music
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Links
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Favorites
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Downloads
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Documents
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Desktop
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Ustawienia lokalne
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\AppData\Local\Temporary Internet Files
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Szablony
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\SendTo
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Recent
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\PrintHood
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\NetHood
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Documents\Moje wideo
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Documents\Moje obrazy
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Moje dokumenty
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Documents\Moja muzyka
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Menu Start
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\AppData\Local\Historia
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Dane aplikacji
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\AppData\Local\Dane aplikacji
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Cookies
[2011-07-16 12:27:58 | 000,000,000 | -H-D | C] -- C:\Users\Neirol\AppData
[2011-07-16 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Temp
[2011-07-16 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Microsoft
[2011-07-16 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Media Center Programs
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2011-07-16 12:27:43 | 000,000,000 | ---D | C] -- C:\Recovery
[2011-07-16 12:21:10 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011-07-16 12:18:15 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011-07-16 12:17:48 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-08-06 11:36:52 | 002,535,461 | ---- | M] () -- C:\Windows\SysNative\cwlog.dtl
[2011-08-06 11:34:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job
[2011-08-06 11:16:05 | 000,375,441 | ---- | M] () -- C:\Users\Neirol\Desktop\menadzer.jpg
[2011-08-06 10:57:32 | 000,000,570 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011-08-06 10:57:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011-08-06 10:53:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-08-06 10:53:18 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys
[2011-08-06 10:52:00 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-08-06 10:51:59 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-08-06 10:48:47 | 000,002,963 | ---- | M] () -- C:\Users\Neirol\Desktop\HiJackThis.lnk
[2011-08-06 10:34:01 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job
[2011-08-05 23:57:26 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempTt5092.html
[2011-08-05 14:05:20 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempbT3132.html
[2011-08-05 13:51:11 | 000,687,828 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-08-05 13:51:11 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-08-05 13:51:11 | 000,131,382 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-08-05 13:51:10 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-08-05 13:51:10 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-08-04 20:19:15 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Templi2228.html
[2011-08-04 20:19:15 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJA2228.html
[2011-08-03 10:36:35 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempZUt576.html
[2011-08-03 10:36:35 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Temphsq576.html
[2011-08-02 00:30:37 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempHz4052.html
[2011-08-02 00:30:37 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempai4052.html
[2011-08-01 22:04:13 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempnH3576.html
[2011-08-01 10:47:48 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempNN2112.html
[2011-08-01 10:47:48 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempKj2112.html
[2011-08-01 01:07:20 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempEn6776.html
[2011-08-01 01:07:20 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempsn6776.html
[2011-08-01 00:25:37 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempbI5228.html
[2011-07-31 21:05:37 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TemptT1572.html
[2011-07-31 01:03:05 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011-07-31 01:03:05 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-07-31 01:01:31 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempZU4192.html
[2011-07-30 20:53:59 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempKO3676.html
[2011-07-30 16:35:51 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempWk3428.html
[2011-07-29 21:12:57 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempTz4776.html
[2011-07-29 18:45:14 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempxN3608.html
[2011-07-29 18:45:14 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempGO3608.html
[2011-07-29 00:48:24 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJS2988.html
[2011-07-27 23:19:24 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempiy3752.html
[2011-07-27 17:24:40 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYz1060.html
[2011-07-27 16:58:11 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempbA1540.html
[2011-07-27 14:13:16 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempwx3216.html
[2011-07-27 13:06:23 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011-07-26 17:26:19 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempCZ4004.html
[2011-07-26 17:26:19 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJs4004.html
[2011-07-26 15:57:02 | 000,000,579 | ---- | M] () -- C:\Windows\qtracker.INI
[2011-07-26 14:18:30 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-07-26 13:51:15 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempjW1420.html
[2011-07-26 13:37:36 | 000,000,262 | ---- | M] () -- C:\Windows\game.ini
[2011-07-26 01:36:44 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempeg4232.html
[2011-07-26 01:36:44 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempqK4232.html
[2011-07-26 00:29:08 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempXO3896.html
[2011-07-26 00:29:08 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempND3896.html
[2011-07-25 21:49:21 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempyc2392.html
[2011-07-25 18:16:05 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempyl4148.html
[2011-07-25 17:55:21 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempxy3784.html
[2011-07-25 17:55:21 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempLz3784.html
[2011-07-25 13:18:52 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYH2960.html
[2011-07-25 01:09:18 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYY4448.html
[2011-07-25 01:09:18 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempIe4448.html
[2011-07-24 16:40:11 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempxs4132.html
[2011-07-24 02:02:43 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempZn4488.html
[2011-07-23 21:19:45 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempMF3196.html
[2011-07-23 16:07:13 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempri4648.html
[2011-07-23 01:34:51 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempTe2156.html
[2011-07-23 01:34:51 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempNv2156.html
[2011-07-22 18:11:19 | 000,004,608 | ---- | M] () -- C:\Users\Neirol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-22 13:24:07 | 000,001,526 | ---- | M] () -- C:\Users\Neirol\Desktop\Google Chrome.lnk
[2011-07-22 13:21:44 | 000,001,279 | ---- | M] () -- C:\Users\Neirol\Desktop\Photoshop.lnk
[2011-07-22 13:21:27 | 000,000,937 | ---- | M] () -- C:\Users\Neirol\Desktop\Winamp.lnk
[2011-07-22 10:38:14 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempKd5068.html
[2011-07-22 10:38:14 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempNf5068.html
[2011-07-22 01:45:55 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempmn1416.html
[2011-07-22 01:45:55 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempwY1416.html
[2011-07-21 20:25:32 | 000,000,941 | ---- | M] () -- C:\Users\Neirol\Desktop\GG.lnk
[2011-07-20 13:19:17 | 002,169,856 | ---- | M] () -- C:\Windows\SysNative\hale.exe
[2011-07-20 13:17:12 | 000,107,946 | ---- | M] () -- C:\Windows\SysNative\slmgr.vbs
[2011-07-20 13:17:12 | 000,002,048 | ---- | M] () -- C:\Windows\SysNative\winver.exe
[2011-07-20 11:56:42 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYW3728.html
[2011-07-20 11:56:42 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJl3728.html
[2011-07-20 01:13:24 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempOm4232.html
[2011-07-20 01:13:24 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempeE4232.html
[2011-07-19 23:26:27 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempPP1304.html
[2011-07-19 20:51:32 | 000,000,540 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011-07-19 20:47:38 | 000,000,921 | ---- | M] () -- C:\Users\Neirol\Desktop\Soulseek.lnk
[2011-07-19 20:05:52 | 000,000,508 | ---- | M] () -- C:\Users\Neirol\Desktop\Sieć.lnk
[2011-07-19 13:57:47 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempFK4996.html
[2011-07-19 13:57:47 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempLM4996.html
[2011-07-19 01:15:30 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempim3260.html
[2011-07-19 01:15:30 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempql3260.html
[2011-07-16 21:03:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011-07-16 19:25:43 | 000,350,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-07-16 13:53:53 | 000,406,528 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2011-07-16 13:53:53 | 000,338,432 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2011-07-16 13:51:29 | 000,000,662 | ---- | M] () -- C:\Users\Neirol\Desktop\Studia.lnk
[2011-07-16 13:51:29 | 000,000,662 | ---- | M] () -- C:\Users\Neirol\Desktop\Muzyka.lnk
[2011-07-16 13:51:29 | 000,000,651 | ---- | M] () -- C:\Users\Neirol\Desktop\Filmy.lnk
[2011-07-16 13:43:33 | 000,001,418 | ---- | M] () -- C:\Users\Neirol\Desktop\Tablet.lnk
[2011-07-16 13:17:52 | 000,000,602 | ---- | M] () -- C:\Users\Neirol\Desktop\Programy (E).lnk
[2011-07-16 13:17:35 | 000,000,595 | ---- | M] () -- C:\Users\Neirol\Desktop\Media (D).lnk
[2011-07-16 13:15:38 | 000,000,877 | ---- | M] () -- C:\Users\Neirol\Desktop\Reason.lnk
[2011-07-16 12:53:29 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011-07-16 12:39:16 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011-07-16 12:22:35 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011-07-16 12:22:35 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011-07-04 13:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011-07-04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011-07-04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011-07-04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011-07-04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011-07-04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011-06-26 08:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-08-06 11:16:05 | 000,375,441 | ---- | C] () -- C:\Users\Neirol\Desktop\menadzer.jpg
[2011-08-06 10:57:32 | 000,000,570 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011-08-06 10:48:47 | 000,002,963 | ---- | C] () -- C:\Users\Neirol\Desktop\HiJackThis.lnk
[2011-08-05 22:03:20 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempTt5092.html
[2011-08-05 15:17:57 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011-08-05 11:43:40 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempbT3132.html
[2011-08-04 20:13:59 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Templi2228.html
[2011-08-04 20:13:59 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJA2228.html
[2011-08-03 10:28:51 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempZUt576.html
[2011-08-03 10:28:51 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Temphsq576.html
[2011-08-01 23:34:50 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempHz4052.html
[2011-08-01 23:34:50 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempai4052.html
[2011-08-01 19:11:25 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempnH3576.html
[2011-08-01 10:47:48 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempNN2112.html
[2011-08-01 10:47:48 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempKj2112.html
[2011-08-01 00:26:21 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempEn6776.html
[2011-08-01 00:26:21 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempsn6776.html
[2011-07-31 23:43:14 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempbI5228.html
[2011-07-31 14:36:17 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TemptT1572.html
[2011-07-30 22:30:27 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempZU4192.html
[2011-07-30 18:51:22 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempKO3676.html
[2011-07-30 16:27:35 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempWk3428.html
[2011-07-29 20:59:07 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempTz4776.html
[2011-07-29 13:02:52 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempxN3608.html
[2011-07-29 13:02:52 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempGO3608.html
[2011-07-28 19:10:01 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJS2988.html
[2011-07-27 18:08:22 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempiy3752.html
[2011-07-27 17:23:51 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYz1060.html
[2011-07-27 16:30:33 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempbA1540.html
[2011-07-27 13:17:04 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempwx3216.html
[2011-07-27 12:57:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011-07-27 12:57:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011-07-27 12:57:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011-07-27 12:57:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011-07-27 12:57:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011-07-26 17:25:19 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempCZ4004.html
[2011-07-26 17:25:19 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJs4004.html
[2011-07-26 14:18:58 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-07-26 14:18:40 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011-07-26 14:18:30 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-07-26 14:04:41 | 000,000,579 | ---- | C] () -- C:\Windows\qtracker.INI
[2011-07-26 13:37:36 | 000,000,262 | ---- | C] () -- C:\Windows\game.ini
[2011-07-26 12:47:41 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempjW1420.html
[2011-07-26 01:14:58 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempeg4232.html
[2011-07-26 01:14:58 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempqK4232.html
[2011-07-25 22:27:10 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempXO3896.html
[2011-07-25 22:27:10 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempND3896.html
[2011-07-25 20:20:44 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempyc2392.html
[2011-07-25 18:04:23 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempyl4148.html
[2011-07-25 13:37:50 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempxy3784.html
[2011-07-25 13:37:50 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempLz3784.html
[2011-07-25 12:06:24 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYH2960.html
[2011-07-25 00:29:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYY4448.html
[2011-07-25 00:29:12 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempIe4448.html
[2011-07-24 12:41:06 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempxs4132.html
[2011-07-24 00:37:34 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempZn4488.html
[2011-07-23 19:33:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempMF3196.html
[2011-07-23 12:32:27 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempri4648.html
[2011-07-22 22:54:29 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-07-22 13:05:49 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempTe2156.html
[2011-07-22 13:05:49 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempNv2156.html
[2011-07-22 10:28:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempKd5068.html
[2011-07-22 10:28:12 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempNf5068.html
[2011-07-22 10:26:28 | 002,354,699 | ---- | C] () -- C:\Windows\SysNative\cwlog.dtl
[2011-07-22 01:11:15 | 000,004,608 | ---- | C] () -- C:\Users\Neirol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-21 23:55:07 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011-07-21 11:46:56 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempmn1416.html
[2011-07-21 11:46:56 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempwY1416.html
[2011-07-20 11:27:32 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYW3728.html
[2011-07-20 11:27:32 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJl3728.html
[2011-07-20 00:46:42 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempOm4232.html
[2011-07-20 00:46:42 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempeE4232.html
[2011-07-19 20:50:32 | 000,000,540 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011-07-19 20:47:11 | 000,000,921 | ---- | C] () -- C:\Users\Neirol\Desktop\Soulseek.lnk
[2011-07-19 20:45:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempPP1304.html
[2011-07-19 20:03:08 | 000,000,508 | ---- | C] () -- C:\Users\Neirol\Desktop\Sieć.lnk
[2011-07-19 12:58:00 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempFK4996.html
[2011-07-19 12:58:00 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempLM4996.html
[2011-07-19 12:56:47 | 000,000,941 | ---- | C] () -- C:\Users\Neirol\Desktop\GG.lnk
[2011-07-19 12:51:49 | 002,169,856 | ---- | C] () -- C:\Windows\SysNative\hale.exe
[2011-07-18 23:26:17 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempim3260.html
[2011-07-18 23:26:17 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempql3260.html
[2011-07-18 23:26:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011-07-18 23:25:40 | 000,001,526 | ---- | C] () -- C:\Users\Neirol\Desktop\Google Chrome.lnk
[2011-07-18 23:24:12 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job
[2011-07-18 23:24:09 | 000,001,010 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job
[2011-07-16 21:03:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011-07-16 13:51:29 | 000,000,662 | ---- | C] () -- C:\Users\Neirol\Desktop\Studia.lnk
[2011-07-16 13:51:29 | 000,000,662 | ---- | C] () -- C:\Users\Neirol\Desktop\Muzyka.lnk
[2011-07-16 13:51:29 | 000,000,651 | ---- | C] () -- C:\Users\Neirol\Desktop\Filmy.lnk
[2011-07-16 13:51:05 | 000,000,937 | ---- | C] () -- C:\Users\Neirol\Desktop\Winamp.lnk
[2011-07-16 13:43:33 | 000,001,418 | ---- | C] () -- C:\Users\Neirol\Desktop\Tablet.lnk
[2011-07-16 13:40:36 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTouchTabletUserDefaults.xml
[2011-07-16 13:40:36 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml
[2011-07-16 13:15:38 | 000,000,877 | ---- | C] () -- C:\Users\Neirol\Desktop\Reason.lnk
[2011-07-16 13:02:34 | 000,001,279 | ---- | C] () -- C:\Users\Neirol\Desktop\Photoshop.lnk
[2011-07-16 12:53:29 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011-07-16 12:39:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-07-16 12:36:06 | 000,018,335 | ---- | C] () -- C:\Windows\atiogl.xml
[2011-07-16 12:30:44 | 000,000,602 | ---- | C] () -- C:\Users\Neirol\Desktop\Programy (E).lnk
[2011-07-16 12:30:44 | 000,000,595 | ---- | C] () -- C:\Users\Neirol\Desktop\Media (D).lnk
[2011-07-16 12:29:24 | 000,001,417 | ---- | C] () -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011-07-16 12:29:17 | 000,001,451 | ---- | C] () -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011-07-16 12:22:19 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011-07-16 12:22:04 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011-07-16 12:17:48 | 3019,350,016 | -HS- | C] () -- C:\hiberfil.sys
[2011-03-16 17:42:51 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\Amhooker.dll
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-14 01:41:47 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003-04-09 11:28:44 | 000,233,472 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2003-04-09 11:28:44 | 000,233,472 | R--- | C] () -- C:\Users\Neirol\AppData\Roaming\MafiaSetup.exe

[color=#E56717]========== LOP Check ==========[/color]

[2011-07-21 21:35:11 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\BESTplayer
[2011-08-06 10:32:45 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\BitTorrent
[2011-08-06 10:32:45 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\DAEMON Tools Lite
[2011-07-19 01:15:30 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Gadu-Gadu 10
[2011-07-23 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\GetRightToGo
[2011-07-16 13:57:10 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Mp3tag
[2011-07-16 13:53:24 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Propellerhead Software
[2011-07-22 14:00:01 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\WinMPG
[2009-07-14 07:08:49 | 000,012,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-07-27 13:13:08 | 000,013,920 | ---- | M] () -- C:\ComboFix.txt
[2011-08-06 10:53:18 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys
[2011-08-06 10:53:23 | 4025,802,752 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\ERDNT\cache64\ndis.sys
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\ProgramData\Microsoft\Windows\SXS\64\winlogon.exe
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Users\All Users\Microsoft\Windows\SXS\64\winlogon.exe
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2011-07-20 13:17:12 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=87A00ED70FEC36D0DD968E5058C29AA1 -- C:\Windows\SysNative\winlogon.exe

< End of report >

[/log]

And ComboFix:

[log]

ComboFix 11-08-05.03 - Neirol 2011-08-06 11:58:26.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1045.18.3839.2600 [GMT 2:00]
Uruchomiony z: d:\download\Programy różnorakie\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-07-06 do 2011-08-06 )))))))))))))))))))))))))))))))
.
.
2011-08-06 10:02 . 2011-08-06 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-26 12:18 . 2011-07-30 23:03 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-07-26 12:18 . 2011-07-30 23:03 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-07-26 12:18 . 2011-07-26 12:18 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-07-25 17:07 . 2011-07-25 17:07 -------- d-----w- c:\program files (x86)\directx
2011-07-25 11:14 . 2008-07-31 08:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-07-25 11:13 . 2006-12-08 10:02 251672 ----a-w- c:\windows\SysWow64\xactengine2_5.dll
2011-07-24 22:22 . 2011-07-24 22:22 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-07-24 22:21 . 2011-07-24 22:21 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-07-23 18:59 . 2011-07-23 18:59 -------- d-----w- c:\programdata\Last.fm
2011-07-23 18:59 . 2008-05-13 15:23 417792 ----a-w- c:\program files (x86)\Windows Media Player\Plugins\wmp_scrobbler.dll
2011-07-22 20:54 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin7.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin6.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin5.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin4.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin3.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin2.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin.dll
2011-07-21 21:56 . 2011-07-21 21:56 -------- d-----w- c:\programdata\Apple Computer
2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\programdata\Apple
2011-07-19 18:47 . 2011-08-05 16:47 -------- d-----w- c:\programdata\Soulseek
2011-07-19 10:56 . 2011-06-20 06:57 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{641EE92E-DA74-410A-8481-16E6517C03F3}\mpengine.dll
2011-07-19 10:56 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-07-19 10:51 . 2011-07-20 11:19 2169856 ----a-w- c:\windows\system32\hale.exe
2011-07-18 23:11 . 2011-07-18 23:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-07-18 23:10 . 2011-07-18 23:10 -------- d-----w- c:\windows\Sun
2011-07-18 23:10 . 2011-07-18 23:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-07-18 21:48 . 2011-07-18 21:47 468480 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-18 21:26 . 2011-07-04 11:32 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-18 21:26 . 2011-07-04 11:36 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-18 21:26 . 2011-07-04 11:32 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-18 21:26 . 2011-07-04 11:35 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-18 21:26 . 2011-07-04 11:36 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-18 21:26 . 2011-07-04 11:32 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-18 21:26 . 2011-07-04 11:43 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-18 21:26 . 2011-07-18 21:26 -------- d-----w- c:\programdata\Gadu-Gadu 10
2011-07-18 21:24 . 2011-07-18 21:24 -------- d-----w- c:\windows\SysWow64\Macromed
2011-07-18 21:22 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-18 21:22 . 2011-07-04 11:43 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-07-18 21:22 . 2011-07-18 21:22 -------- d-----w- c:\programdata\AVAST Software
2011-07-16 11:53 . 2011-07-16 11:53 406528 ----a-w- c:\windows\SysWow64\ReWire.dll
2011-07-16 11:53 . 2011-07-16 11:53 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll
2011-07-16 11:53 . 2011-07-16 11:53 -------- d-----w- c:\programdata\Propellerhead Software
2011-07-16 11:44 . 2011-07-16 11:44 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-07-16 11:44 . 2011-08-05 13:17 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-07-16 11:41 . 2010-10-26 21:42 642928 ------w- c:\windows\SysWow64\Pen_Touch_Tablet.dll
2011-07-16 11:41 . 2010-10-26 21:42 749936 ------w- c:\windows\system32\Pen_Touch_Tablet.dll
2011-07-16 11:41 . 2011-07-16 11:41 -------- d-----w- c:\program files (x86)\TabletPlugins
2011-07-16 11:41 . 2010-10-11 19:19 18288 ----a-w- c:\windows\system32\drivers\wacmoumonitor.sys
2011-07-16 11:40 . 2010-10-11 19:19 12848 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2011-07-16 11:40 . 2010-10-11 19:19 16168 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2011-07-16 11:40 . 2010-10-26 21:42 600432 ------w- c:\windows\system32\Wintab32.dll
2011-07-16 11:40 . 2010-10-26 21:42 506736 ------w- c:\windows\SysWow64\Wintab32.dll
2011-07-16 11:40 . 2010-10-26 21:42 756592 ------w- c:\windows\system32\Pen_Tablet.dll
2011-07-16 11:40 . 2010-10-26 21:42 650096 ------w- c:\windows\SysWow64\Pen_Tablet.dll
2011-07-16 11:40 . 2011-07-16 11:41 -------- d-----w- c:\program files\Tablet
2011-07-16 11:34 . 2011-07-16 11:34 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-07-16 11:33 . 2011-07-16 11:33 -------- d-----w- c:\windows\PCHEALTH
2011-07-16 11:33 . 2011-07-16 11:33 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-07-16 11:21 . 2011-07-16 11:36 -------- d-----w- c:\programdata\Microsoft Help
2011-07-16 11:20 . 2011-07-16 11:20 -------- d-----r- C:\MSOCache
2011-07-16 11:16 . 2011-07-16 10:27 -------- d-----w- c:\windows\Panther
2011-07-16 11:12 . 2010-07-09 11:19 21480 ----a-w- c:\windows\system32\drivers\cpuz134_x64.sys
2011-07-16 11:01 . 2011-07-16 11:02 -------- d-----w- c:\program files (x86)\Common Files\Ahead
2011-07-16 11:01 . 2011-07-16 11:01 -------- d-----w- c:\programdata\Nero
2011-07-16 10:53 . 2011-07-16 10:53 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-07-16 10:49 . 2011-07-16 10:52 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-07-16 10:42 . 2011-07-16 10:42 -------- d-----w- c:\windows\SysWow64\RTCOM
2011-07-16 10:42 . 2011-07-16 10:42 -------- d-----w- c:\program files\Realtek
2011-07-16 10:40 . 2011-07-16 10:40 -------- d-----w- c:\programdata\ATI
2011-07-16 10:39 . 2011-07-16 10:39 0 ----a-w- c:\windows\ativpsrm.bin
2011-07-16 10:36 . 2009-05-05 14:00 16440 ----a-w- c:\windows\system32\drivers\AtiPcie.sys
2011-07-16 10:36 . 2009-07-30 03:04 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-16 10:35 . 2011-08-06 08:48 -------- d-sh--w- c:\windows\Installer
2011-07-16 10:35 . 2011-07-16 10:35 -------- d-----w- c:\program files\ATI
2011-07-16 10:33 . 2009-04-28 10:33 67128 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-07-16 10:33 . 2009-04-28 10:33 28216 ----a-w- c:\windows\system32\drivers\amdxata.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-20 11:18 . 2009-07-13 23:52 65536 ----a-w- c:\windows\system32\sppuinotify.dll
2011-07-20 11:18 . 2009-07-13 23:51 381952 ----a-w- c:\windows\system32\sppcommdlg.dll
2011-07-20 11:18 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll
2011-07-20 11:18 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll
2011-07-20 11:18 . 2009-07-13 23:52 14848 ----a-w- c:\windows\system32\slwga.dll
2011-07-20 11:18 . 2009-07-13 23:52 142336 ----a-w- c:\windows\system32\sppwmi.dll
2011-07-20 11:17 . 2009-07-13 23:57 2048 ----a-w- c:\windows\system32\winver.exe
2011-07-20 11:17 . 2009-07-13 23:52 389632 ----a-w- c:\windows\system32\winlogon.exe
2011-07-20 11:17 . 2009-07-13 23:52 349696 ----a-w- c:\windows\system32\slui.exe
2011-07-20 11:17 . 2009-06-10 20:59 107946 ----a-w- c:\windows\system32\slmgr.vbs
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 132328DF455B0028F13BF0ABEE51A63A . 389120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[-] 2011-07-20 . 87A00ED70FEC36D0DD968E5058C29AA1 . 389632 . . [6.1.7600.16385] .. c:\windows\system32\winlogon.exe
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2011-07-20 . F78E7BD7ADC829D9DD92C558180E09DB . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-07-27_11.07.22 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-07-27 11:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-08-06 10:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-27 11:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-06 10:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-06 10:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-27 11:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-16 10:45 . 2011-08-06 10:06 23514 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-06 10:06 39422 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:46 . 2011-08-06 09:27 76848 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:46 . 2011-07-24 00:10 76848 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-07-16 17:23 . 2011-07-27 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-07-16 17:23 . 2011-08-06 10:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-07-16 17:23 . 2011-08-06 10:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-07-16 17:23 . 2011-07-27 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-16 10:41 . 2011-08-06 10:06 4474 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-160874040-2124205273-324844842-1000_UserData.bin
+ 2011-08-06 10:04 . 2011-08-06 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-27 11:05 . 2011-07-27 11:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-27 11:05 . 2011-07-27 11:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-06 10:04 . 2011-08-06 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-16 17:20 . 2011-08-05 21:57 285204 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 17:55 . 2011-07-25 16:28 687828 c:\windows\system32\perfh015.dat
+ 2009-07-14 17:55 . 2011-08-05 11:51 687828 c:\windows\system32\perfh015.dat
+ 2009-07-14 02:36 . 2011-08-05 11:51 607190 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-07-25 16:28 607190 c:\windows\system32\perfh009.dat
- 2009-07-14 17:55 . 2011-07-25 16:28 131382 c:\windows\system32\perfc015.dat
+ 2009-07-14 17:55 . 2011-08-05 11:51 131382 c:\windows\system32\perfc015.dat
+ 2009-07-14 02:36 . 2011-08-05 11:51 103568 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-07-25 16:28 103568 c:\windows\system32\perfc009.dat
- 2009-07-14 02:34 . 2011-07-23 18:18 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-08-05 13:19 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 04:45 . 2011-08-06 08:23 3602726 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-07-23 10:30 3602726 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-09-23 14:13 . 2010-09-23 14:13 3978752 c:\windows\Installer\c7570b.msi
+ 2011-08-06 08:47 . 2011-08-06 08:47 1402880 c:\windows\Installer\84710.msi
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="e:\avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x]
R4 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-26 5790064]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-26 487280]
S3 netr28x;Sterownik karty sieci bezprzewodowej Ralink 802.11n dla systemu Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job
- c:\users\Neirol\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-18 21:24]
.
2011-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job
- c:\users\Neirol\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-18 21:24]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 134384 ----a-w- e:\avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-06-24 7935520]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-06-24 1833504]
"WheelMouse"="e:\mysz\Amoumain.exe" [2008-03-07 237568]
"Chew7Hale"="c:\windows\System32\hale.exe" [2011-07-20 2169856]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 62.179.1.63 62.179.1.62
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
e:\avast\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Czas ukończenia: 2011-08-06 12:10:04 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2011-08-06 10:10
ComboFix2.txt 2011-07-27 11:13
.
Przed: 13 860 237 312 bajtów wolnych
Po: 13 666 430 976 bajtów wolnych
.
- - End Of File - - 3141A1D1C2552EA112A12F879868021B

[/log]

Any advice? Help!

[quote name='Neirol' timestamp='1312625791' post='1315743']
Hello,
this problem has been discussed since the dawn of time; I have read plenty of threads with advice, solutions, etc., but none of it really helps. And as we know, the causes are often very different, and I don't know how to read HijackThis or ComboFix logs, so I'm writing to you in hope.

In my case I have already formatted the computer several times; it always helped for a week or two, after which everything slowed down terribly again: CPU at 70-100% when idle in high-performance mode (Athlon II Dual Core M-320 2x2.1 GHz processor, 4 GB RAM, MSI MS-1684 motherboard, Radeon HD 4200, Windows 7). In Task Manager the replicated processes worry me (I know several svchost instances are normal, but see for yourselves: http://img217.imageshack.us/img217/884/menadzer.jpg ), and I haven't installed anything unnecessary. Earlier I thought automatic updates might be to blame, so I turned them off after the last format, but that didn't help.

I cleaned somewhat by feel with ComboFix and HiJackThis (unwise, I know, but I had lost my patience!) and also with CCleaner: nothing.
Posting the logs.

HiJackThis:

[log]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:19:50, on 2011-08-06
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
E:\Mysz\Amoumain.exe
C:\Windows\System32\hale.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
E:\Avast\AvastUI.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
E:\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "E:\Avast\avastUI.exe" /nogui
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - E:\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 4247 bytes

[/log]

OTL (settings as in the thread http://www.forumpc.pl/index.php?showtopic=104338 ):

[log]

OTL logfile created on: 2011-08-06 11:28:30 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Download
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,75 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 62,79% Memory free
7,50 Gb Paging File | 6,00 Gb Available in Paging File | 80,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 30,18 Gb Total Space | 13,03 Gb Free Space | 43,17% Space Free | Partition Type: NTFS
Drive D: | 180,66 Gb Total Space | 19,61 Gb Free Space | 10,85% Space Free | Partition Type: NTFS
Drive E: | 87,15 Gb Total Space | 41,79 Gb Free Space | 47,95% Space Free | Partition Type: NTFS

Computer Name: NEIROMPUTER | User Name: Neirol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - File not found --
PRC - [2011-08-06 11:26:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
PRC - [2011-07-09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Users\Neirol\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- E:\Avast\AvastUI.exe
PRC - [2009-07-14 03:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
PRC - [2009-07-14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2008-03-07 17:04:28 | 000,237,568 | ---- | M] () -- E:\Mysz\Amoumain.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-08-06 11:26:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- E:\Avast\snxhk.dll
MOD - [2009-07-14 03:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:24 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2007-04-07 20:22:06 | 000,032,768 | ---- | M] () -- C:\Windows\SysWOW64\Amhooker.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-10-26 23:42:16 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:[b]64bit:[/b] - [2010-10-26 23:42:16 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:[b]64bit:[/b] - [2009-07-30 05:03:40 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-07-26 14:18:30 | 000,075,064 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- E:\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2011-07-16 12:53:29 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2010-10-11 21:19:36 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:[b]64bit:[/b] - [2010-10-11 21:19:28 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:[b]64bit:[/b] - [2010-10-11 21:19:26 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:[b]64bit:[/b] - [2010-07-09 13:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:[b]64bit:[/b] - [2009-07-30 15:11:22 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-05 16:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2009-04-28 12:33:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-04-28 12:33:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2008-02-13 17:20:16 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt)
DRV:[b]64bit:[/b] - [2007-10-15 12:37:22 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]




IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-160874040-2124205273-324844842-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-160874040-2124205273-324844842-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Neirol\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Neirol\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)



O1 HOSTS File: ([2011-07-27 13:06:23 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [WheelMouse] E:\Mysz\Amoumain.exe ()
O4 - HKLM..\Run: [Chew7Hale] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WheelMouse] E:\Mysz\Amoumain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-160874040-2124205273-324844842-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-160874040-2124205273-324844842-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-08-06 10:48:47 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011-08-01 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Soulseek Chat Logs
[2011-07-29 18:45:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\ElevatedDiagnostics
[2011-07-27 13:18:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011-07-27 13:03:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011-07-27 12:57:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011-07-27 12:57:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011-07-27 12:57:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011-07-26 14:12:30 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\PunkBuster
[2011-07-26 13:48:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Qtracker
[2011-07-26 13:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qtracker
[2011-07-26 13:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011-07-26 13:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gBurner
[2011-07-25 21:53:31 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Syberia Saves
[2011-07-25 19:51:26 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\GTA San Andreas User Files
[2011-07-25 19:51:16 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011-07-25 19:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\directx
[2011-07-25 19:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microids
[2011-07-25 18:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011-07-25 18:29:18 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-07-25 18:29:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-07-25 00:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011-07-25 00:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011-07-25 00:16:35 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\2K Games
[2011-07-23 21:06:07 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SubDownloader2
[2011-07-23 21:04:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\GetRightToGo
[2011-07-23 21:04:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\Documents\Downloads
[2011-07-23 21:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SubDownloader2
[2011-07-23 20:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2011-07-23 20:58:44 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Last.fm
[2011-07-23 20:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2011-07-23 19:40:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011-07-23 19:40:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-07-23 19:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011-07-22 22:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011-07-22 14:00:01 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\WinMPG
[2011-07-21 23:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011-07-21 23:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011-07-21 23:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011-07-21 23:55:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Apple
[2011-07-21 23:55:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011-07-21 23:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011-07-21 21:34:56 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\BESTplayer
[2011-07-21 21:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
[2011-07-19 20:50:01 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\BitTorrent
[2011-07-19 20:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Soulseek
[2011-07-19 20:46:53 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soulseek NS
[2011-07-19 20:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS
[2011-07-19 20:41:51 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011-07-19 20:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011-07-19 15:34:15 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Ahead
[2011-07-19 01:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011-07-19 01:11:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011-07-19 01:10:53 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011-07-18 23:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011-07-18 23:26:43 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011-07-18 23:26:41 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011-07-18 23:26:26 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011-07-18 23:26:22 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011-07-18 23:26:19 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011-07-18 23:26:19 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\cache
[2011-07-18 23:26:14 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011-07-18 23:26:13 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011-07-18 23:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2011-07-18 23:26:01 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Macromedia
[2011-07-18 23:25:37 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011-07-18 23:24:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011-07-18 23:24:41 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Gadu-Gadu 10
[2011-07-18 23:24:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Google
[2011-07-18 23:22:57 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Apps
[2011-07-18 23:22:56 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Deployment
[2011-07-18 23:22:53 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011-07-18 23:22:53 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-07-18 23:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011-07-16 19:25:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011-07-16 13:57:07 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Mp3tag
[2011-07-16 13:55:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
[2011-07-16 13:53:53 | 000,406,528 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2011-07-16 13:53:53 | 000,338,432 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2011-07-16 13:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2011-07-16 13:53:24 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Propellerhead Software
[2011-07-16 13:49:53 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Winamp
[2011-07-16 13:44:29 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Adobe
[2011-07-16 13:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011-07-16 13:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011-07-16 13:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011-07-16 13:44:10 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Adobe
[2011-07-16 13:41:54 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\WTablet
[2011-07-16 13:41:53 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
[2011-07-16 13:41:52 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll
[2011-07-16 13:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2011-07-16 13:41:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
[2011-07-16 13:41:09 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys
[2011-07-16 13:40:58 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys
[2011-07-16 13:40:51 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys
[2011-07-16 13:40:47 | 000,600,432 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll
[2011-07-16 13:40:47 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll
[2011-07-16 13:40:46 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll
[2011-07-16 13:40:46 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll
[2011-07-16 13:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2011-07-16 13:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011-07-16 13:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011-07-16 13:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011-07-16 13:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011-07-16 13:33:50 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011-07-16 13:33:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011-07-16 13:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-07-16 13:21:47 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Microsoft Help
[2011-07-16 13:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011-07-16 13:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011-07-16 13:20:56 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011-07-16 13:16:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011-07-16 13:12:58 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2011-07-16 13:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2011-07-16 13:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sprzet
[2011-07-16 13:06:31 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Ahead
[2011-07-16 13:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Premium
[2011-07-16 13:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011-07-16 13:01:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2011-07-16 12:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011-07-16 12:52:14 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\DAEMON Tools Lite
[2011-07-16 12:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011-07-16 12:42:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011-07-16 12:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011-07-16 12:41:48 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2011-07-16 12:41:48 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2011-07-16 12:41:45 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011-07-16 12:41:45 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011-07-16 12:41:45 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011-07-16 12:41:45 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011-07-16 12:41:43 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011-07-16 12:41:43 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011-07-16 12:41:41 | 000,311,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011-07-16 12:41:40 | 000,176,640 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\FMAPO64.dll
[2011-07-16 12:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011-07-16 12:41:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011-07-16 12:41:36 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011-07-16 12:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011-07-16 12:40:21 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\ATI
[2011-07-16 12:40:21 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\ATI
[2011-07-16 12:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011-07-16 12:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011-07-16 12:35:06 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011-07-16 12:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011-07-16 12:28:26 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011-07-16 12:28:26 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Searches
[2011-07-16 12:28:26 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011-07-16 12:28:14 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Identities
[2011-07-16 12:28:10 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Contacts
[2011-07-16 12:28:08 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\VirtualStore
[2011-07-16 12:27:58 | 000,000,000 | --SD | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Videos
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Saved Games
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Pictures
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Music
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Links
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Favorites
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Downloads
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Documents
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\Desktop
[2011-07-16 12:27:58 | 000,000,000 | R--D | C] -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Ustawienia lokalne
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\AppData\Local\Temporary Internet Files
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Szablony
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\SendTo
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Recent
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\PrintHood
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\NetHood
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Documents\Moje wideo
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Documents\Moje obrazy
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Moje dokumenty
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Documents\Moja muzyka
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Menu Start
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\AppData\Local\Historia
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Dane aplikacji
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\AppData\Local\Dane aplikacji
[2011-07-16 12:27:58 | 000,000,000 | -HSD | C] -- C:\Users\Neirol\Cookies
[2011-07-16 12:27:58 | 000,000,000 | -H-D | C] -- C:\Users\Neirol\AppData
[2011-07-16 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Temp
[2011-07-16 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Local\Microsoft
[2011-07-16 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Neirol\AppData\Roaming\Media Center Programs
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2011-07-16 12:27:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2011-07-16 12:27:43 | 000,000,000 | ---D | C] -- C:\Recovery
[2011-07-16 12:21:10 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011-07-16 12:18:15 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011-07-16 12:17:48 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-08-06 11:36:52 | 002,535,461 | ---- | M] () -- C:\Windows\SysNative\cwlog.dtl
[2011-08-06 11:34:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job
[2011-08-06 11:16:05 | 000,375,441 | ---- | M] () -- C:\Users\Neirol\Desktop\menadzer.jpg
[2011-08-06 10:57:32 | 000,000,570 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011-08-06 10:57:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011-08-06 10:53:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-08-06 10:53:18 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys
[2011-08-06 10:52:00 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-08-06 10:51:59 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-08-06 10:48:47 | 000,002,963 | ---- | M] () -- C:\Users\Neirol\Desktop\HiJackThis.lnk
[2011-08-06 10:34:01 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job
[2011-08-05 23:57:26 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempTt5092.html
[2011-08-05 14:05:20 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempbT3132.html
[2011-08-05 13:51:11 | 000,687,828 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-08-05 13:51:11 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-08-05 13:51:11 | 000,131,382 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-08-05 13:51:10 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-08-05 13:51:10 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-08-04 20:19:15 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Templi2228.html
[2011-08-04 20:19:15 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJA2228.html
[2011-08-03 10:36:35 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempZUt576.html
[2011-08-03 10:36:35 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Temphsq576.html
[2011-08-02 00:30:37 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempHz4052.html
[2011-08-02 00:30:37 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempai4052.html
[2011-08-01 22:04:13 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempnH3576.html
[2011-08-01 10:47:48 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempNN2112.html
[2011-08-01 10:47:48 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempKj2112.html
[2011-08-01 01:07:20 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempEn6776.html
[2011-08-01 01:07:20 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempsn6776.html
[2011-08-01 00:25:37 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempbI5228.html
[2011-07-31 21:05:37 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TemptT1572.html
[2011-07-31 01:03:05 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011-07-31 01:03:05 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-07-31 01:01:31 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempZU4192.html
[2011-07-30 20:53:59 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempKO3676.html
[2011-07-30 16:35:51 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempWk3428.html
[2011-07-29 21:12:57 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempTz4776.html
[2011-07-29 18:45:14 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempxN3608.html
[2011-07-29 18:45:14 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempGO3608.html
[2011-07-29 00:48:24 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJS2988.html
[2011-07-27 23:19:24 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempiy3752.html
[2011-07-27 17:24:40 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYz1060.html
[2011-07-27 16:58:11 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempbA1540.html
[2011-07-27 14:13:16 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempwx3216.html
[2011-07-27 13:06:23 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011-07-26 17:26:19 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempCZ4004.html
[2011-07-26 17:26:19 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJs4004.html
[2011-07-26 15:57:02 | 000,000,579 | ---- | M] () -- C:\Windows\qtracker.INI
[2011-07-26 14:18:30 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-07-26 13:51:15 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempjW1420.html
[2011-07-26 13:37:36 | 000,000,262 | ---- | M] () -- C:\Windows\game.ini
[2011-07-26 01:36:44 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempeg4232.html
[2011-07-26 01:36:44 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempqK4232.html
[2011-07-26 00:29:08 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempXO3896.html
[2011-07-26 00:29:08 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempND3896.html
[2011-07-25 21:49:21 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempyc2392.html
[2011-07-25 18:16:05 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempyl4148.html
[2011-07-25 17:55:21 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempxy3784.html
[2011-07-25 17:55:21 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempLz3784.html
[2011-07-25 13:18:52 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYH2960.html
[2011-07-25 01:09:18 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYY4448.html
[2011-07-25 01:09:18 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempIe4448.html
[2011-07-24 16:40:11 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempxs4132.html
[2011-07-24 02:02:43 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempZn4488.html
[2011-07-23 21:19:45 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempMF3196.html
[2011-07-23 16:07:13 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempri4648.html
[2011-07-23 01:34:51 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempTe2156.html
[2011-07-23 01:34:51 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempNv2156.html
[2011-07-22 18:11:19 | 000,004,608 | ---- | M] () -- C:\Users\Neirol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-22 13:24:07 | 000,001,526 | ---- | M] () -- C:\Users\Neirol\Desktop\Google Chrome.lnk
[2011-07-22 13:21:44 | 000,001,279 | ---- | M] () -- C:\Users\Neirol\Desktop\Photoshop.lnk
[2011-07-22 13:21:27 | 000,000,937 | ---- | M] () -- C:\Users\Neirol\Desktop\Winamp.lnk
[2011-07-22 10:38:14 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempKd5068.html
[2011-07-22 10:38:14 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempNf5068.html
[2011-07-22 01:45:55 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempmn1416.html
[2011-07-22 01:45:55 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempwY1416.html
[2011-07-21 20:25:32 | 000,000,941 | ---- | M] () -- C:\Users\Neirol\Desktop\GG.lnk
[2011-07-20 13:19:17 | 002,169,856 | ---- | M] () -- C:\Windows\SysNative\hale.exe
[2011-07-20 13:17:12 | 000,107,946 | ---- | M] () -- C:\Windows\SysNative\slmgr.vbs
[2011-07-20 13:17:12 | 000,002,048 | ---- | M] () -- C:\Windows\SysNative\winver.exe
[2011-07-20 11:56:42 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempYW3728.html
[2011-07-20 11:56:42 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempJl3728.html
[2011-07-20 01:13:24 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempOm4232.html
[2011-07-20 01:13:24 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempeE4232.html
[2011-07-19 23:26:27 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempPP1304.html
[2011-07-19 20:51:32 | 000,000,540 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011-07-19 20:47:38 | 000,000,921 | ---- | M] () -- C:\Users\Neirol\Desktop\Soulseek.lnk
[2011-07-19 20:05:52 | 000,000,508 | ---- | M] () -- C:\Users\Neirol\Desktop\Sieć.lnk
[2011-07-19 13:57:47 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempFK4996.html
[2011-07-19 13:57:47 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\TempLM4996.html
[2011-07-19 01:15:30 | 000,002,432 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempim3260.html
[2011-07-19 01:15:30 | 000,002,089 | ---- | M] () -- C:\Users\Neirol\AppData\Local\Tempql3260.html
[2011-07-16 21:03:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011-07-16 19:25:43 | 000,350,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-07-16 13:53:53 | 000,406,528 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2011-07-16 13:53:53 | 000,338,432 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2011-07-16 13:51:29 | 000,000,662 | ---- | M] () -- C:\Users\Neirol\Desktop\Studia.lnk
[2011-07-16 13:51:29 | 000,000,662 | ---- | M] () -- C:\Users\Neirol\Desktop\Muzyka.lnk
[2011-07-16 13:51:29 | 000,000,651 | ---- | M] () -- C:\Users\Neirol\Desktop\Filmy.lnk
[2011-07-16 13:43:33 | 000,001,418 | ---- | M] () -- C:\Users\Neirol\Desktop\Tablet.lnk
[2011-07-16 13:17:52 | 000,000,602 | ---- | M] () -- C:\Users\Neirol\Desktop\Programy (E).lnk
[2011-07-16 13:17:35 | 000,000,595 | ---- | M] () -- C:\Users\Neirol\Desktop\Media (D).lnk
[2011-07-16 13:15:38 | 000,000,877 | ---- | M] () -- C:\Users\Neirol\Desktop\Reason.lnk
[2011-07-16 12:53:29 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011-07-16 12:39:16 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011-07-16 12:22:35 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011-07-16 12:22:35 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011-07-04 13:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011-07-04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011-07-04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011-07-04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011-07-04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011-07-04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011-06-26 08:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-08-06 11:16:05 | 000,375,441 | ---- | C] () -- C:\Users\Neirol\Desktop\menadzer.jpg
[2011-08-06 10:57:32 | 000,000,570 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011-08-06 10:48:47 | 000,002,963 | ---- | C] () -- C:\Users\Neirol\Desktop\HiJackThis.lnk
[2011-08-05 22:03:20 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempTt5092.html
[2011-08-05 15:17:57 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011-08-05 11:43:40 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempbT3132.html
[2011-08-04 20:13:59 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Templi2228.html
[2011-08-04 20:13:59 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJA2228.html
[2011-08-03 10:28:51 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempZUt576.html
[2011-08-03 10:28:51 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Temphsq576.html
[2011-08-01 23:34:50 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempHz4052.html
[2011-08-01 23:34:50 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempai4052.html
[2011-08-01 19:11:25 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempnH3576.html
[2011-08-01 10:47:48 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempNN2112.html
[2011-08-01 10:47:48 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempKj2112.html
[2011-08-01 00:26:21 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempEn6776.html
[2011-08-01 00:26:21 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempsn6776.html
[2011-07-31 23:43:14 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempbI5228.html
[2011-07-31 14:36:17 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TemptT1572.html
[2011-07-30 22:30:27 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempZU4192.html
[2011-07-30 18:51:22 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempKO3676.html
[2011-07-30 16:27:35 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempWk3428.html
[2011-07-29 20:59:07 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempTz4776.html
[2011-07-29 13:02:52 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempxN3608.html
[2011-07-29 13:02:52 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempGO3608.html
[2011-07-28 19:10:01 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJS2988.html
[2011-07-27 18:08:22 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempiy3752.html
[2011-07-27 17:23:51 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYz1060.html
[2011-07-27 16:30:33 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempbA1540.html
[2011-07-27 13:17:04 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempwx3216.html
[2011-07-27 12:57:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011-07-27 12:57:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011-07-27 12:57:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011-07-27 12:57:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011-07-27 12:57:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011-07-26 17:25:19 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempCZ4004.html
[2011-07-26 17:25:19 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJs4004.html
[2011-07-26 14:18:58 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-07-26 14:18:40 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011-07-26 14:18:30 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-07-26 14:04:41 | 000,000,579 | ---- | C] () -- C:\Windows\qtracker.INI
[2011-07-26 13:37:36 | 000,000,262 | ---- | C] () -- C:\Windows\game.ini
[2011-07-26 12:47:41 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempjW1420.html
[2011-07-26 01:14:58 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempeg4232.html
[2011-07-26 01:14:58 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempqK4232.html
[2011-07-25 22:27:10 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempXO3896.html
[2011-07-25 22:27:10 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempND3896.html
[2011-07-25 20:20:44 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempyc2392.html
[2011-07-25 18:04:23 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempyl4148.html
[2011-07-25 13:37:50 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempxy3784.html
[2011-07-25 13:37:50 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempLz3784.html
[2011-07-25 12:06:24 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYH2960.html
[2011-07-25 00:29:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYY4448.html
[2011-07-25 00:29:12 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempIe4448.html
[2011-07-24 12:41:06 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempxs4132.html
[2011-07-24 00:37:34 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempZn4488.html
[2011-07-23 19:33:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempMF3196.html
[2011-07-23 12:32:27 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempri4648.html
[2011-07-22 22:54:29 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-07-22 13:05:49 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempTe2156.html
[2011-07-22 13:05:49 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempNv2156.html
[2011-07-22 10:28:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempKd5068.html
[2011-07-22 10:28:12 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempNf5068.html
[2011-07-22 10:26:28 | 002,354,699 | ---- | C] () -- C:\Windows\SysNative\cwlog.dtl
[2011-07-22 01:11:15 | 000,004,608 | ---- | C] () -- C:\Users\Neirol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-21 23:55:07 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011-07-21 11:46:56 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempmn1416.html
[2011-07-21 11:46:56 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempwY1416.html
[2011-07-20 11:27:32 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempYW3728.html
[2011-07-20 11:27:32 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempJl3728.html
[2011-07-20 00:46:42 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempOm4232.html
[2011-07-20 00:46:42 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempeE4232.html
[2011-07-19 20:50:32 | 000,000,540 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011-07-19 20:47:11 | 000,000,921 | ---- | C] () -- C:\Users\Neirol\Desktop\Soulseek.lnk
[2011-07-19 20:45:12 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempPP1304.html
[2011-07-19 20:03:08 | 000,000,508 | ---- | C] () -- C:\Users\Neirol\Desktop\Sieć.lnk
[2011-07-19 12:58:00 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempFK4996.html
[2011-07-19 12:58:00 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\TempLM4996.html
[2011-07-19 12:56:47 | 000,000,941 | ---- | C] () -- C:\Users\Neirol\Desktop\GG.lnk
[2011-07-19 12:51:49 | 002,169,856 | ---- | C] () -- C:\Windows\SysNative\hale.exe
[2011-07-18 23:26:17 | 000,002,432 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempim3260.html
[2011-07-18 23:26:17 | 000,002,089 | ---- | C] () -- C:\Users\Neirol\AppData\Local\Tempql3260.html
[2011-07-18 23:26:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011-07-18 23:25:40 | 000,001,526 | ---- | C] () -- C:\Users\Neirol\Desktop\Google Chrome.lnk
[2011-07-18 23:24:12 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job
[2011-07-18 23:24:09 | 000,001,010 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job
[2011-07-16 21:03:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011-07-16 13:51:29 | 000,000,662 | ---- | C] () -- C:\Users\Neirol\Desktop\Studia.lnk
[2011-07-16 13:51:29 | 000,000,662 | ---- | C] () -- C:\Users\Neirol\Desktop\Muzyka.lnk
[2011-07-16 13:51:29 | 000,000,651 | ---- | C] () -- C:\Users\Neirol\Desktop\Filmy.lnk
[2011-07-16 13:51:05 | 000,000,937 | ---- | C] () -- C:\Users\Neirol\Desktop\Winamp.lnk
[2011-07-16 13:43:33 | 000,001,418 | ---- | C] () -- C:\Users\Neirol\Desktop\Tablet.lnk
[2011-07-16 13:40:36 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTouchTabletUserDefaults.xml
[2011-07-16 13:40:36 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml
[2011-07-16 13:15:38 | 000,000,877 | ---- | C] () -- C:\Users\Neirol\Desktop\Reason.lnk
[2011-07-16 13:02:34 | 000,001,279 | ---- | C] () -- C:\Users\Neirol\Desktop\Photoshop.lnk
[2011-07-16 12:53:29 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011-07-16 12:39:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-07-16 12:36:06 | 000,018,335 | ---- | C] () -- C:\Windows\atiogl.xml
[2011-07-16 12:30:44 | 000,000,602 | ---- | C] () -- C:\Users\Neirol\Desktop\Programy (E).lnk
[2011-07-16 12:30:44 | 000,000,595 | ---- | C] () -- C:\Users\Neirol\Desktop\Media (D).lnk
[2011-07-16 12:29:24 | 000,001,417 | ---- | C] () -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011-07-16 12:29:17 | 000,001,451 | ---- | C] () -- C:\Users\Neirol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011-07-16 12:22:19 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011-07-16 12:22:04 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011-07-16 12:17:48 | 3019,350,016 | -HS- | C] () -- C:\hiberfil.sys
[2011-03-16 17:42:51 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\Amhooker.dll
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-14 01:41:47 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003-04-09 11:28:44 | 000,233,472 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2003-04-09 11:28:44 | 000,233,472 | R--- | C] () -- C:\Users\Neirol\AppData\Roaming\MafiaSetup.exe

[color=#E56717]========== LOP Check ==========[/color]

[2011-07-21 21:35:11 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\BESTplayer
[2011-08-06 10:32:45 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\BitTorrent
[2011-08-06 10:32:45 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\DAEMON Tools Lite
[2011-07-19 01:15:30 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Gadu-Gadu 10
[2011-07-23 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\GetRightToGo
[2011-07-16 13:57:10 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Mp3tag
[2011-07-16 13:53:24 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\Propellerhead Software
[2011-07-22 14:00:01 | 000,000,000 | ---D | M] -- C:\Users\Neirol\AppData\Roaming\WinMPG
[2009-07-14 07:08:49 | 000,012,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-07-27 13:13:08 | 000,013,920 | ---- | M] () -- C:\ComboFix.txt
[2011-08-06 10:53:18 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys
[2011-08-06 10:53:23 | 4025,802,752 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\ERDNT\cache64\ndis.sys
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\ProgramData\Microsoft\Windows\SXS\64\winlogon.exe
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Users\All Users\Microsoft\Windows\SXS\64\winlogon.exe
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2011-07-20 13:17:12 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=87A00ED70FEC36D0DD968E5058C29AA1 -- C:\Windows\SysNative\winlogon.exe

< End of report >

[/log]

And here is ComboFix:

[log]

ComboFix 11-08-05.03 - Neirol 2011-08-06 11:58:26.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1045.18.3839.2600 [GMT 2:00]
Uruchomiony z: d:\download\Programy różnorakie\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-07-06 do 2011-08-06 )))))))))))))))))))))))))))))))
.
.
2011-08-06 10:02 . 2011-08-06 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-26 12:18 . 2011-07-30 23:03 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-07-26 12:18 . 2011-07-30 23:03 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-07-26 12:18 . 2011-07-26 12:18 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-07-25 17:07 . 2011-07-25 17:07 -------- d-----w- c:\program files (x86)\directx
2011-07-25 11:14 . 2008-07-31 08:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-07-25 11:13 . 2006-12-08 10:02 251672 ----a-w- c:\windows\SysWow64\xactengine2_5.dll
2011-07-24 22:22 . 2011-07-24 22:22 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-07-24 22:21 . 2011-07-24 22:21 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-07-23 18:59 . 2011-07-23 18:59 -------- d-----w- c:\programdata\Last.fm
2011-07-23 18:59 . 2008-05-13 15:23 417792 ----a-w- c:\program files (x86)\Windows Media Player\Plugins\wmp_scrobbler.dll
2011-07-22 20:54 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin7.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin6.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin5.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin4.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin3.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin2.dll
2011-07-21 21:57 . 2011-07-21 21:57 159744 ----a-w- c:\program files (x86)\Internet Explorer\Wtyczki\npqtplugin.dll
2011-07-21 21:56 . 2011-07-21 21:56 -------- d-----w- c:\programdata\Apple Computer
2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-07-21 21:55 . 2011-07-21 21:55 -------- d-----w- c:\programdata\Apple
2011-07-19 18:47 . 2011-08-05 16:47 -------- d-----w- c:\programdata\Soulseek
2011-07-19 10:56 . 2011-06-20 06:57 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{641EE92E-DA74-410A-8481-16E6517C03F3}\mpengine.dll
2011-07-19 10:56 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-07-19 10:51 . 2011-07-20 11:19 2169856 ----a-w- c:\windows\system32\hale.exe
2011-07-18 23:11 . 2011-07-18 23:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-07-18 23:10 . 2011-07-18 23:10 -------- d-----w- c:\windows\Sun
2011-07-18 23:10 . 2011-07-18 23:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-07-18 21:48 . 2011-07-18 21:47 468480 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-18 21:26 . 2011-07-04 11:32 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-18 21:26 . 2011-07-04 11:36 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-18 21:26 . 2011-07-04 11:32 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-18 21:26 . 2011-07-04 11:35 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-18 21:26 . 2011-07-04 11:36 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-18 21:26 . 2011-07-04 11:32 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-18 21:26 . 2011-07-04 11:43 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-18 21:26 . 2011-07-18 21:26 -------- d-----w- c:\programdata\Gadu-Gadu 10
2011-07-18 21:24 . 2011-07-18 21:24 -------- d-----w- c:\windows\SysWow64\Macromed
2011-07-18 21:22 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-18 21:22 . 2011-07-04 11:43 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-07-18 21:22 . 2011-07-18 21:22 -------- d-----w- c:\programdata\AVAST Software
2011-07-16 11:53 . 2011-07-16 11:53 406528 ----a-w- c:\windows\SysWow64\ReWire.dll
2011-07-16 11:53 . 2011-07-16 11:53 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll
2011-07-16 11:53 . 2011-07-16 11:53 -------- d-----w- c:\programdata\Propellerhead Software
2011-07-16 11:44 . 2011-07-16 11:44 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-07-16 11:44 . 2011-08-05 13:17 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-07-16 11:41 . 2010-10-26 21:42 642928 ------w- c:\windows\SysWow64\Pen_Touch_Tablet.dll
2011-07-16 11:41 . 2010-10-26 21:42 749936 ------w- c:\windows\system32\Pen_Touch_Tablet.dll
2011-07-16 11:41 . 2011-07-16 11:41 -------- d-----w- c:\program files (x86)\TabletPlugins
2011-07-16 11:41 . 2010-10-11 19:19 18288 ----a-w- c:\windows\system32\drivers\wacmoumonitor.sys
2011-07-16 11:40 . 2010-10-11 19:19 12848 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2011-07-16 11:40 . 2010-10-11 19:19 16168 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2011-07-16 11:40 . 2010-10-26 21:42 600432 ------w- c:\windows\system32\Wintab32.dll
2011-07-16 11:40 . 2010-10-26 21:42 506736 ------w- c:\windows\SysWow64\Wintab32.dll
2011-07-16 11:40 . 2010-10-26 21:42 756592 ------w- c:\windows\system32\Pen_Tablet.dll
2011-07-16 11:40 . 2010-10-26 21:42 650096 ------w- c:\windows\SysWow64\Pen_Tablet.dll
2011-07-16 11:40 . 2011-07-16 11:41 -------- d-----w- c:\program files\Tablet
2011-07-16 11:34 . 2011-07-16 11:34 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-07-16 11:33 . 2011-07-16 11:33 -------- d-----w- c:\windows\PCHEALTH
2011-07-16 11:33 . 2011-07-16 11:33 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-07-16 11:21 . 2011-07-16 11:36 -------- d-----w- c:\programdata\Microsoft Help
2011-07-16 11:20 . 2011-07-16 11:20 -------- d-----r- C:\MSOCache
2011-07-16 11:16 . 2011-07-16 10:27 -------- d-----w- c:\windows\Panther
2011-07-16 11:12 . 2010-07-09 11:19 21480 ----a-w- c:\windows\system32\drivers\cpuz134_x64.sys
2011-07-16 11:01 . 2011-07-16 11:02 -------- d-----w- c:\program files (x86)\Common Files\Ahead
2011-07-16 11:01 . 2011-07-16 11:01 -------- d-----w- c:\programdata\Nero
2011-07-16 10:53 . 2011-07-16 10:53 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-07-16 10:49 . 2011-07-16 10:52 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-07-16 10:42 . 2011-07-16 10:42 -------- d-----w- c:\windows\SysWow64\RTCOM
2011-07-16 10:42 . 2011-07-16 10:42 -------- d-----w- c:\program files\Realtek
2011-07-16 10:40 . 2011-07-16 10:40 -------- d-----w- c:\programdata\ATI
2011-07-16 10:39 . 2011-07-16 10:39 0 ----a-w- c:\windows\ativpsrm.bin
2011-07-16 10:36 . 2009-05-05 14:00 16440 ----a-w- c:\windows\system32\drivers\AtiPcie.sys
2011-07-16 10:36 . 2009-07-30 03:04 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-16 10:35 . 2011-08-06 08:48 -------- d-sh--w- c:\windows\Installer
2011-07-16 10:35 . 2011-07-16 10:35 -------- d-----w- c:\program files\ATI
2011-07-16 10:33 . 2009-04-28 10:33 67128 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-07-16 10:33 . 2009-04-28 10:33 28216 ----a-w- c:\windows\system32\drivers\amdxata.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-20 11:18 . 2009-07-13 23:52 65536 ----a-w- c:\windows\system32\sppuinotify.dll
2011-07-20 11:18 . 2009-07-13 23:51 381952 ----a-w- c:\windows\system32\sppcommdlg.dll
2011-07-20 11:18 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll
2011-07-20 11:18 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll
2011-07-20 11:18 . 2009-07-13 23:52 14848 ----a-w- c:\windows\system32\slwga.dll
2011-07-20 11:18 . 2009-07-13 23:52 142336 ----a-w- c:\windows\system32\sppwmi.dll
2011-07-20 11:17 . 2009-07-13 23:57 2048 ----a-w- c:\windows\system32\winver.exe
2011-07-20 11:17 . 2009-07-13 23:52 389632 ----a-w- c:\windows\system32\winlogon.exe
2011-07-20 11:17 . 2009-07-13 23:52 349696 ----a-w- c:\windows\system32\slui.exe
2011-07-20 11:17 . 2009-06-10 20:59 107946 ----a-w- c:\windows\system32\slmgr.vbs
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 132328DF455B0028F13BF0ABEE51A63A . 389120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[-] 2011-07-20 . 87A00ED70FEC36D0DD968E5058C29AA1 . 389632 . . [6.1.7600.16385] .. c:\windows\system32\winlogon.exe
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2011-07-20 . F78E7BD7ADC829D9DD92C558180E09DB . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-07-27_11.07.22 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-07-27 11:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-08-06 10:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-27 11:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-06 10:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-06 10:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-27 11:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-16 10:45 . 2011-08-06 10:06 23514 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-06 10:06 39422 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:46 . 2011-08-06 09:27 76848 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:46 . 2011-07-24 00:10 76848 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-07-16 17:23 . 2011-07-27 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-07-16 17:23 . 2011-08-06 10:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-07-16 17:23 . 2011-08-06 10:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-07-16 17:23 . 2011-07-27 11:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-16 10:41 . 2011-08-06 10:06 4474 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-160874040-2124205273-324844842-1000_UserData.bin
+ 2011-08-06 10:04 . 2011-08-06 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-27 11:05 . 2011-07-27 11:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-27 11:05 . 2011-07-27 11:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-06 10:04 . 2011-08-06 10:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-16 17:20 . 2011-08-05 21:57 285204 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 17:55 . 2011-07-25 16:28 687828 c:\windows\system32\perfh015.dat
+ 2009-07-14 17:55 . 2011-08-05 11:51 687828 c:\windows\system32\perfh015.dat
+ 2009-07-14 02:36 . 2011-08-05 11:51 607190 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-07-25 16:28 607190 c:\windows\system32\perfh009.dat
- 2009-07-14 17:55 . 2011-07-25 16:28 131382 c:\windows\system32\perfc015.dat
+ 2009-07-14 17:55 . 2011-08-05 11:51 131382 c:\windows\system32\perfc015.dat
+ 2009-07-14 02:36 . 2011-08-05 11:51 103568 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-07-25 16:28 103568 c:\windows\system32\perfc009.dat
- 2009-07-14 02:34 . 2011-07-23 18:18 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-08-05 13:19 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 04:45 . 2011-08-06 08:23 3602726 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-07-23 10:30 3602726 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-09-23 14:13 . 2010-09-23 14:13 3978752 c:\windows\Installer\c7570b.msi
+ 2011-08-06 08:47 . 2011-08-06 08:47 1402880 c:\windows\Installer\84710.msi
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="e:\avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x]
R4 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-26 5790064]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-26 487280]
S3 netr28x;Sterownik karty sieci bezprzewodowej Ralink 802.11n dla systemu Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000Core.job
- c:\users\Neirol\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-18 21:24]
.
2011-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160874040-2124205273-324844842-1000UA.job
- c:\users\Neirol\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-18 21:24]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 134384 ----a-w- e:\avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-06-24 7935520]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-06-24 1833504]
"WheelMouse"="e:\mysz\Amoumain.exe" [2008-03-07 237568]
"Chew7Hale"="c:\windows\System32\hale.exe" [2011-07-20 2169856]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 62.179.1.63 62.179.1.62
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
e:\avast\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Czas ukończenia: 2011-08-06 12:10:04 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2011-08-06 10:10
ComboFix2.txt 2011-07-27 11:13
.
Przed: 13 860 237 312 bajtów wolnych
Po: 13 666 430 976 bajtów wolnych
.
- - End Of File - - 3141A1D1C2552EA112A12F879868021B

[/log]

Any tips, any advice? Help!
[/quote]


Sooo, do these logs not tell anyone anything? Come on :(

kabi95
comment

I see you have avast. Have you scanned with anything besides it? Try scanning as well with, for example, a free online scanner, e.g. Kaspersky.

What power supply do you have?

neirol
comment (edited)

Full check with Kaspersky - nothing.
Power supply - maybe I'm about to say something stupid, but in the case of a laptop is that simply the "brick" on the power cable? If so then, hm, Delta Electronics, model ADP-65HB BB, V85, plus plenty more of those letters and digits, should I give anything else?

BUMP!
